On Wed, May 19, 2021 at 7:37 AM Kumar Kartikeya Dwivedi
<memxor@xxxxxxxxx> wrote:
>
> This is the non-fd installing analogue of anon_inode_getfd_secure. In
> addition to allowing LSMs to attach policy to the distinct inode, this
> is also needed for checkpoint restore of an io_uring instance where a
> mapped region needs to mapped back to the io_uring fd by CRIU. This is
> currently not possible as all anon_inodes share a single inode.
>
> Signed-off-by: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
> ---
> fs/anon_inodes.c | 9 +++++++++
> include/linux/anon_inodes.h | 4 ++++
> 2 files changed, 13 insertions(+)
[NOTE: dropping dancol@google as that email is bouncy]
> diff --git a/fs/anon_inodes.c b/fs/anon_inodes.c
> index a280156138ed..37032786b211 100644
> --- a/fs/anon_inodes.c
> +++ b/fs/anon_inodes.c
> @@ -148,6 +148,15 @@ struct file *anon_inode_getfile(const char *name,
> }
> EXPORT_SYMBOL_GPL(anon_inode_getfile);
This function should have a comment block at the top similar to
anon_inode_getfile(); in fact you can likely copy-n-paste the bulk of
it to use as a start.
If you don't want to bother respinning, I've got this exact patch
(+comments) in my patchset that I'll post later and I'm happy to
give/share credit if that is important to you.
> +struct file *anon_inode_getfile_secure(const char *name,
> + const struct file_operations *fops,
> + void *priv, int flags,
> + const struct inode *context_inode)
> +{
> + return __anon_inode_getfile(name, fops, priv, flags, context_inode, true);
> +}
> +EXPORT_SYMBOL_GPL(anon_inode_getfile_secure);
--
paul moore
www.paul-moore.com
