On Wed, Jan 03, 2024 at 04:01:45PM -0800, Darrick J. Wong wrote:
> I actually want S_PRIVATE here to avoid interference from all the
> security hooks and whatnot when scrub is using an xfile to stash a
> large amount of data. Shouldn't this patch change xfile_create to call
> shmem_kernel_file_setup instead?

Yes, and it used to do that before I reshuffled it..

> > - inode->i_mode &= ~0177;
> > - inode->i_uid = GLOBAL_ROOT_UID;
> > - inode->i_gid = GLOBAL_ROOT_GID;
>
> Also, I don't know if it matters that the default uid/gid are now going
> to be whatever the defaults would be for a new file instead of root
> only. That seems like it could invite problems, but otoh xfiles are
> never installed in the fd table so userspace should never get access
> anyway.

In-kernel shm files are created on shm_mnt, which is owned by the global
root, so this will do the right thing.
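Review bot: the first removed line of the quoted hunk, `inode->i_mode &= ~0177;`, is not covered by the discussion, which only addresses the dropped `i_uid`/`i_gid` assignments. Please state in the commit message, or in a comment where the xfile is created, what mode the file ends up with once the mask is gone and why that is acceptable, and note there that ownership now comes from the shm_mnt defaults rather than from an explicit GLOBAL_ROOT_UID/GLOBAL_ROOT_GID assignment, so the reliance on xfiles never being installed in the fd table is recorded next to the code.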