On Wed, May 19, 2021 at 08:52:51PM IST, Paul Moore wrote:
> On Wed, May 19, 2021 at 7:37 AM Kumar Kartikeya Dwivedi
> <memxor@xxxxxxxxx> wrote:
> >
> > This is the non-fd installing analogue of anon_inode_getfd_secure. In
> > addition to allowing LSMs to attach policy to the distinct inode, this
> > is also needed for checkpoint restore of an io_uring instance where a
> > mapped region needs to mapped back to the io_uring fd by CRIU. This is
> > currently not possible as all anon_inodes share a single inode.
> >
> > Signed-off-by: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
> > ---
> > fs/anon_inodes.c | 9 +++++++++
> > include/linux/anon_inodes.h | 4 ++++
> > 2 files changed, 13 insertions(+)
>
> [NOTE: dropping dancol@google as that email is bouncy]
>
> > diff --git a/fs/anon_inodes.c b/fs/anon_inodes.c
> > index a280156138ed..37032786b211 100644
> > --- a/fs/anon_inodes.c
> > +++ b/fs/anon_inodes.c
> > @@ -148,6 +148,15 @@ struct file *anon_inode_getfile(const char *name,
> > }
> > EXPORT_SYMBOL_GPL(anon_inode_getfile);
>
> This function should have a comment block at the top similar to
> anon_inode_getfile(); in fact you can likely copy-n-paste the bulk of
> it to use as a start.
>
> If you don't want to bother respinning, I've got this exact patch
> (+comments) in my patchset that I'll post later and I'm happy to
> give/share credit if that is important to you.
>
That'd be great; no credit is fine :). Please CC me when you post it.
> > +struct file *anon_inode_getfile_secure(const char *name,
> > + const struct file_operations *fops,
> > + void *priv, int flags,
> > + const struct inode *context_inode)
> > +{
> > + return __anon_inode_getfile(name, fops, priv, flags, context_inode, true);
> > +}
> > +EXPORT_SYMBOL_GPL(anon_inode_getfile_secure);
>
> --
> paul moore
> www.paul-moore.com
--
Kartikeya
