On Mon, Oct 09, 2023, Al Viro wrote: > On Mon, Oct 09, 2023 at 01:20:06PM -0700, Sean Christopherson wrote: > > On Mon, Oct 09, 2023, Al Viro wrote: > > > On Mon, Oct 09, 2023 at 07:32:48AM -0700, Sean Christopherson wrote: > > > > > > > Yeah, we found that out the hard way. Is using the "secure" variant to get a > > > > per-file inode a sane approach, or is that abuse that's going to bite us too? > > > > > > > > /* > > > > * Use the so called "secure" variant, which creates a unique inode > > > > * instead of reusing a single inode. Each guest_memfd instance needs > > > > * its own inode to track the size, flags, etc. > > > > */ > > > > file = anon_inode_getfile_secure(anon_name, &kvm_gmem_fops, gmem, > > > > O_RDWR, NULL); > > > > > > Umm... Is there any chance that your call site will ever be in a module? > > > If not, you are probably OK with that variant. > > > > Yes, this code can be compiled as a module. I assume there issues with the inode > > outliving the module? > > The entire file, actually... If you are using that mechanism in a module, you > need to initialize kvm_gmem_fops.owner to THIS_MODULE; AFAICS, you don't have > that done. Ah, that's handled indirectly handled by a chain of refcounted objects. Every VM that KVM creates gets a reference to the module, and each guest_memfd instance gets a reference to its owning VM. Thanks much for the help!
