On Mon, Oct 09, 2023 at 07:32:48AM -0700, Sean Christopherson wrote: > Yeah, we found that out the hard way. Is using the "secure" variant to get a > per-file inode a sane approach, or is that abuse that's going to bite us too? > > /* > * Use the so called "secure" variant, which creates a unique inode > * instead of reusing a single inode. Each guest_memfd instance needs > * its own inode to track the size, flags, etc. > */ > file = anon_inode_getfile_secure(anon_name, &kvm_gmem_fops, gmem, > O_RDWR, NULL); Umm... Is there any chance that your call site will ever be in a module? If not, you are probably OK with that variant. I don't like the details of that interface (anon_inode_getfile_secure(), that is), but that's a separate story and your use wouldn't make things harder to clean up.
