1. Patchew
  2. linux
  3. View series

[PATCH] dma-buf: add SB_I_NOEXEC flag to dmabuf pseudo-filesystem

Cong Wang posted 1 patch 5 days, 22 hours ago 
drivers/dma-buf/dma-buf.c | 1 +
1 file changed, 1 insertion(+)
[PATCH] dma-buf: add SB_I_NOEXEC flag to dmabuf pseudo-filesystem
Posted by Cong Wang 5 days, 22 hours ago 
From: Cong Wang <cwang@multikernel.io>

The dmabuf filesystem uses alloc_anon_inode() to create anonymous inodes
but does not set the SB_I_NOEXEC flag on its superblock. This triggers a
VFS warning in path_noexec() when userspace mmaps a dma-buf:

  WARNING: CPU: 6 PID: 5660 at fs/exec.c:118 path_noexec+0x47/0x50

The warning exists to catch anonymous inode filesystems that forget to
set SB_I_NOEXEC, as anonymous files should not be executable. All other
pseudo-filesystems that use alloc_anon_inode() properly set this flag:

  - fs/anon_inodes.c: sets SB_I_NOEXEC
  - fs/aio.c: sets SB_I_NOEXEC
  - mm/secretmem.c: sets SB_I_NOEXEC

Add the missing SB_I_NOEXEC flag to dma_buf_fs_init_context() to fix the
warning and maintain consistency with other anonymous inode filesystems.

This was triggered when testing DAXFS (https://github.com/multikernel/daxfs)
and was 100% reproducible with CONFIG_DEBUG_VFS=y.

Cc: Sumit Semwal <sumit.semwal@linaro.org>
Cc: "Christian König" <christian.koenig@amd.com>
Signed-off-by: Cong Wang <cwang@multikernel.io>
---
 drivers/dma-buf/dma-buf.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/dma-buf/dma-buf.c b/drivers/dma-buf/dma-buf.c
index edaa9e4ee4ae..e2e1f77aca80 100644
--- a/drivers/dma-buf/dma-buf.c
+++ b/drivers/dma-buf/dma-buf.c
@@ -192,6 +192,7 @@ static int dma_buf_fs_init_context(struct fs_context *fc)
 	ctx = init_pseudo(fc, DMA_BUF_MAGIC);
 	if (!ctx)
 		return -ENOMEM;
+	fc->s_iflags |= SB_I_NOEXEC;
 	ctx->dops = &dma_buf_dentry_ops;
 	return 0;
 }
-- 
2.34.1
Re: [PATCH] dma-buf: add SB_I_NOEXEC flag to dmabuf pseudo-filesystem
Posted by Christoph Hellwig 5 days, 8 hours ago 
On Sun, Feb 01, 2026 at 09:09:52AM -0800, Cong Wang wrote:
> From: Cong Wang <cwang@multikernel.io>
> 
> The dmabuf filesystem uses alloc_anon_inode() to create anonymous inodes
> but does not set the SB_I_NOEXEC flag on its superblock. This triggers a
> VFS warning in path_noexec() when userspace mmaps a dma-buf:

As last time, I think it would be much preferable to set SB_I_NOEXEC and
SB_I_NODEV by default in init_pseudo and just clear it if needed.

I can't think of anything would need to clear them from a quick look.
Re: [PATCH] dma-buf: add SB_I_NOEXEC flag to dmabuf pseudo-filesystem
Posted by Cong Wang 1 day, 11 hours ago 
On Sun, Feb 1, 2026 at 10:29 PM Christoph Hellwig <hch@infradead.org> wrote:
>
> On Sun, Feb 01, 2026 at 09:09:52AM -0800, Cong Wang wrote:
> > From: Cong Wang <cwang@multikernel.io>
> >
> > The dmabuf filesystem uses alloc_anon_inode() to create anonymous inodes
> > but does not set the SB_I_NOEXEC flag on its superblock. This triggers a
> > VFS warning in path_noexec() when userspace mmaps a dma-buf:
>
> As last time, I think it would be much preferable to set SB_I_NOEXEC and
> SB_I_NODEV by default in init_pseudo and just clear it if needed.
>
> I can't think of anything would need to clear them from a quick look.
>

I agree that setting SB_I_NOEXEC and SB_I_NODEV by default in
init_pseudo is a better approach.

I will send a v2 tomorrow.

Thanks,
Cong

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.