diff mbox series

[1/2] fs: anon_inodes: export anon_inode_getfile_secure helper

Message ID 20210519113058.1979817-2-memxor@gmail.com (mailing list archive)
State New, archived
Headers show
Series Create io_uring fd with ephemeral inode | expand

Commit Message

Kumar Kartikeya Dwivedi May 19, 2021, 11:30 a.m. UTC
This is the non-fd installing analogue of anon_inode_getfd_secure. In
addition to allowing LSMs to attach policy to the distinct inode, this
is also needed for checkpoint restore of an io_uring instance where a
mapped region needs to mapped back to the io_uring fd by CRIU. This is
currently not possible as all anon_inodes share a single inode.

Signed-off-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
---
 fs/anon_inodes.c            | 9 +++++++++
 include/linux/anon_inodes.h | 4 ++++
 2 files changed, 13 insertions(+)

Comments

Paul Moore May 19, 2021, 3:22 p.m. UTC | #1
On Wed, May 19, 2021 at 7:37 AM Kumar Kartikeya Dwivedi
<memxor@gmail.com> wrote:
>
> This is the non-fd installing analogue of anon_inode_getfd_secure. In
> addition to allowing LSMs to attach policy to the distinct inode, this
> is also needed for checkpoint restore of an io_uring instance where a
> mapped region needs to mapped back to the io_uring fd by CRIU. This is
> currently not possible as all anon_inodes share a single inode.
>
> Signed-off-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
> ---
>  fs/anon_inodes.c            | 9 +++++++++
>  include/linux/anon_inodes.h | 4 ++++
>  2 files changed, 13 insertions(+)

[NOTE: dropping dancol@google as that email is bouncy]

> diff --git a/fs/anon_inodes.c b/fs/anon_inodes.c
> index a280156138ed..37032786b211 100644
> --- a/fs/anon_inodes.c
> +++ b/fs/anon_inodes.c
> @@ -148,6 +148,15 @@ struct file *anon_inode_getfile(const char *name,
>  }
>  EXPORT_SYMBOL_GPL(anon_inode_getfile);

This function should have a comment block at the top similar to
anon_inode_getfile(); in fact you can likely copy-n-paste the bulk of
it to use as a start.

If you don't want to bother respinning, I've got this exact patch
(+comments) in my patchset that I'll post later and I'm happy to
give/share credit if that is important to you.

> +struct file *anon_inode_getfile_secure(const char *name,
> +                                      const struct file_operations *fops,
> +                                      void *priv, int flags,
> +                                      const struct inode *context_inode)
> +{
> +       return __anon_inode_getfile(name, fops, priv, flags, context_inode, true);
> +}
> +EXPORT_SYMBOL_GPL(anon_inode_getfile_secure);
Christoph Hellwig May 19, 2021, 4:04 p.m. UTC | #2
On Wed, May 19, 2021 at 05:00:56PM +0530, Kumar Kartikeya Dwivedi wrote:
> This is the non-fd installing analogue of anon_inode_getfd_secure. In
> addition to allowing LSMs to attach policy to the distinct inode, this
> is also needed for checkpoint restore of an io_uring instance where a
> mapped region needs to mapped back to the io_uring fd by CRIU. This is
> currently not possible as all anon_inodes share a single inode.

No need to export it, as io_uring can't be built modular.

> +struct file *anon_inode_getfile_secure(const char *name,
> +				       const struct file_operations *fops,
> +				       void *priv, int flags,
> +				       const struct inode *context_inode)
> +{
> +	return __anon_inode_getfile(name, fops, priv, flags, context_inode, true);
> +}
> +EXPORT_SYMBOL_GPL(anon_inode_getfile_secure);

Please avoid the overly long line here.
Kumar Kartikeya Dwivedi May 19, 2021, 11:07 p.m. UTC | #3
On Wed, May 19, 2021 at 08:52:51PM IST, Paul Moore wrote:
> On Wed, May 19, 2021 at 7:37 AM Kumar Kartikeya Dwivedi
> <memxor@gmail.com> wrote:
> >
> > This is the non-fd installing analogue of anon_inode_getfd_secure. In
> > addition to allowing LSMs to attach policy to the distinct inode, this
> > is also needed for checkpoint restore of an io_uring instance where a
> > mapped region needs to mapped back to the io_uring fd by CRIU. This is
> > currently not possible as all anon_inodes share a single inode.
> >
> > Signed-off-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
> > ---
> >  fs/anon_inodes.c            | 9 +++++++++
> >  include/linux/anon_inodes.h | 4 ++++
> >  2 files changed, 13 insertions(+)
>
> [NOTE: dropping dancol@google as that email is bouncy]
>
> > diff --git a/fs/anon_inodes.c b/fs/anon_inodes.c
> > index a280156138ed..37032786b211 100644
> > --- a/fs/anon_inodes.c
> > +++ b/fs/anon_inodes.c
> > @@ -148,6 +148,15 @@ struct file *anon_inode_getfile(const char *name,
> >  }
> >  EXPORT_SYMBOL_GPL(anon_inode_getfile);
>
> This function should have a comment block at the top similar to
> anon_inode_getfile(); in fact you can likely copy-n-paste the bulk of
> it to use as a start.
>
> If you don't want to bother respinning, I've got this exact patch
> (+comments) in my patchset that I'll post later and I'm happy to
> give/share credit if that is important to you.
>

That'd be great; no credit is fine :). Please CC me when you post it.

> > +struct file *anon_inode_getfile_secure(const char *name,
> > +                                      const struct file_operations *fops,
> > +                                      void *priv, int flags,
> > +                                      const struct inode *context_inode)
> > +{
> > +       return __anon_inode_getfile(name, fops, priv, flags, context_inode, true);
> > +}
> > +EXPORT_SYMBOL_GPL(anon_inode_getfile_secure);
>
> --
> paul moore
> www.paul-moore.com

--
Kartikeya
Paul Moore May 20, 2021, 2:29 a.m. UTC | #4
On Wed, May 19, 2021 at 7:07 PM Kumar Kartikeya Dwivedi
<memxor@gmail.com> wrote:
> On Wed, May 19, 2021 at 08:52:51PM IST, Paul Moore wrote:
> > On Wed, May 19, 2021 at 7:37 AM Kumar Kartikeya Dwivedi
> > <memxor@gmail.com> wrote:
> > >
> > > This is the non-fd installing analogue of anon_inode_getfd_secure. In
> > > addition to allowing LSMs to attach policy to the distinct inode, this
> > > is also needed for checkpoint restore of an io_uring instance where a
> > > mapped region needs to mapped back to the io_uring fd by CRIU. This is
> > > currently not possible as all anon_inodes share a single inode.
> > >
> > > Signed-off-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
> > > ---
> > >  fs/anon_inodes.c            | 9 +++++++++
> > >  include/linux/anon_inodes.h | 4 ++++
> > >  2 files changed, 13 insertions(+)
> >
> > [NOTE: dropping dancol@google as that email is bouncy]
> >
> > > diff --git a/fs/anon_inodes.c b/fs/anon_inodes.c
> > > index a280156138ed..37032786b211 100644
> > > --- a/fs/anon_inodes.c
> > > +++ b/fs/anon_inodes.c
> > > @@ -148,6 +148,15 @@ struct file *anon_inode_getfile(const char *name,
> > >  }
> > >  EXPORT_SYMBOL_GPL(anon_inode_getfile);
> >
> > This function should have a comment block at the top similar to
> > anon_inode_getfile(); in fact you can likely copy-n-paste the bulk of
> > it to use as a start.
> >
> > If you don't want to bother respinning, I've got this exact patch
> > (+comments) in my patchset that I'll post later and I'm happy to
> > give/share credit if that is important to you.
> >
>
> That'd be great; no credit is fine :). Please CC me when you post it.

Will do.  I dug out my system which had the patches and I'm working on
forward porting them to v5.13-rc2; if I don't have them cleaned up
enough for posting by Thursday, I'll make sure they are at least RFC
ready by Friday.
diff mbox series

Patch

diff --git a/fs/anon_inodes.c b/fs/anon_inodes.c
index a280156138ed..37032786b211 100644
--- a/fs/anon_inodes.c
+++ b/fs/anon_inodes.c
@@ -148,6 +148,15 @@  struct file *anon_inode_getfile(const char *name,
 }
 EXPORT_SYMBOL_GPL(anon_inode_getfile);
 
+struct file *anon_inode_getfile_secure(const char *name,
+				       const struct file_operations *fops,
+				       void *priv, int flags,
+				       const struct inode *context_inode)
+{
+	return __anon_inode_getfile(name, fops, priv, flags, context_inode, true);
+}
+EXPORT_SYMBOL_GPL(anon_inode_getfile_secure);
+
 static int __anon_inode_getfd(const char *name,
 			      const struct file_operations *fops,
 			      void *priv, int flags,
diff --git a/include/linux/anon_inodes.h b/include/linux/anon_inodes.h
index 71881a2b6f78..5deaddbd7927 100644
--- a/include/linux/anon_inodes.h
+++ b/include/linux/anon_inodes.h
@@ -15,6 +15,10 @@  struct inode;
 struct file *anon_inode_getfile(const char *name,
 				const struct file_operations *fops,
 				void *priv, int flags);
+struct file *anon_inode_getfile_secure(const char *name,
+				       const struct file_operations *fops,
+				       void *priv, int flags,
+				       const struct inode *context_inode);
 int anon_inode_getfd(const char *name, const struct file_operations *fops,
 		     void *priv, int flags);
 int anon_inode_getfd_secure(const char *name,