Message ID | 20210519113058.1979817-2-memxor@gmail.com (mailing list archive)
---|---
State | New, archived
Series | Create io_uring fd with ephemeral inode
On Wed, May 19, 2021 at 7:37 AM Kumar Kartikeya Dwivedi <memxor@gmail.com> wrote:
>
> This is the non-fd installing analogue of anon_inode_getfd_secure. In
> addition to allowing LSMs to attach policy to the distinct inode, this
> is also needed for checkpoint restore of an io_uring instance where a
> mapped region needs to be mapped back to the io_uring fd by CRIU. This is
> currently not possible as all anon_inodes share a single inode.
>
> Signed-off-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
> ---
> fs/anon_inodes.c | 9 +++++++++
> include/linux/anon_inodes.h | 4 ++++
> 2 files changed, 13 insertions(+)

[NOTE: dropping dancol@google as that email is bouncy]

> diff --git a/fs/anon_inodes.c b/fs/anon_inodes.c
> index a280156138ed..37032786b211 100644
> --- a/fs/anon_inodes.c
> +++ b/fs/anon_inodes.c
> @@ -148,6 +148,15 @@ struct file *anon_inode_getfile(const char *name,
> }
> EXPORT_SYMBOL_GPL(anon_inode_getfile);

This function should have a comment block at the top similar to
anon_inode_getfile(); in fact you can likely copy-n-paste the bulk of
it to use as a start.

If you don't want to bother respinning, I've got this exact patch
(+comments) in my patchset that I'll post later and I'm happy to
give/share credit if that is important to you.

> +struct file *anon_inode_getfile_secure(const char *name,
> + const struct file_operations *fops,
> + void *priv, int flags,
> + const struct inode *context_inode)
> +{
> + return __anon_inode_getfile(name, fops, priv, flags, context_inode, true);
> +}
> +EXPORT_SYMBOL_GPL(anon_inode_getfile_secure);
On Wed, May 19, 2021 at 05:00:56PM +0530, Kumar Kartikeya Dwivedi wrote:
> This is the non-fd installing analogue of anon_inode_getfd_secure. In
> addition to allowing LSMs to attach policy to the distinct inode, this
> is also needed for checkpoint restore of an io_uring instance where a
> mapped region needs to be mapped back to the io_uring fd by CRIU. This is
> currently not possible as all anon_inodes share a single inode.

No need to export it, as io_uring can't be built modular.

> +struct file *anon_inode_getfile_secure(const char *name,
> + const struct file_operations *fops,
> + void *priv, int flags,
> + const struct inode *context_inode)
> +{
> + return __anon_inode_getfile(name, fops, priv, flags, context_inode, true);
> +}
> +EXPORT_SYMBOL_GPL(anon_inode_getfile_secure);

Please avoid the overly long line here.
On Wed, May 19, 2021 at 08:52:51PM IST, Paul Moore wrote:
> On Wed, May 19, 2021 at 7:37 AM Kumar Kartikeya Dwivedi
> <memxor@gmail.com> wrote:
> >
> > This is the non-fd installing analogue of anon_inode_getfd_secure. In
> > addition to allowing LSMs to attach policy to the distinct inode, this
> > is also needed for checkpoint restore of an io_uring instance where a
> > mapped region needs to be mapped back to the io_uring fd by CRIU. This is
> > currently not possible as all anon_inodes share a single inode.
> >
> > Signed-off-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
> > ---
> > fs/anon_inodes.c | 9 +++++++++
> > include/linux/anon_inodes.h | 4 ++++
> > 2 files changed, 13 insertions(+)
>
> [NOTE: dropping dancol@google as that email is bouncy]
>
> > diff --git a/fs/anon_inodes.c b/fs/anon_inodes.c
> > index a280156138ed..37032786b211 100644
> > --- a/fs/anon_inodes.c
> > +++ b/fs/anon_inodes.c
> > @@ -148,6 +148,15 @@ struct file *anon_inode_getfile(const char *name,
> > }
> > EXPORT_SYMBOL_GPL(anon_inode_getfile);
>
> This function should have a comment block at the top similar to
> anon_inode_getfile(); in fact you can likely copy-n-paste the bulk of
> it to use as a start.
>
> If you don't want to bother respinning, I've got this exact patch
> (+comments) in my patchset that I'll post later and I'm happy to
> give/share credit if that is important to you.
>

That'd be great; no credit is fine :). Please CC me when you post it.

> > +struct file *anon_inode_getfile_secure(const char *name,
> > + const struct file_operations *fops,
> > + void *priv, int flags,
> > + const struct inode *context_inode)
> > +{
> > + return __anon_inode_getfile(name, fops, priv, flags, context_inode, true);
> > +}
> > +EXPORT_SYMBOL_GPL(anon_inode_getfile_secure);
>
> --
> paul moore
> www.paul-moore.com

--
Kartikeya
On Wed, May 19, 2021 at 7:07 PM Kumar Kartikeya Dwivedi <memxor@gmail.com> wrote:
> On Wed, May 19, 2021 at 08:52:51PM IST, Paul Moore wrote:
> > On Wed, May 19, 2021 at 7:37 AM Kumar Kartikeya Dwivedi
> > <memxor@gmail.com> wrote:
> > >
> > > This is the non-fd installing analogue of anon_inode_getfd_secure. In
> > > addition to allowing LSMs to attach policy to the distinct inode, this
> > > is also needed for checkpoint restore of an io_uring instance where a
> > > mapped region needs to be mapped back to the io_uring fd by CRIU. This is
> > > currently not possible as all anon_inodes share a single inode.
> > >
> > > Signed-off-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
> > > ---
> > > fs/anon_inodes.c | 9 +++++++++
> > > include/linux/anon_inodes.h | 4 ++++
> > > 2 files changed, 13 insertions(+)
> >
> > [NOTE: dropping dancol@google as that email is bouncy]
> >
> > > diff --git a/fs/anon_inodes.c b/fs/anon_inodes.c
> > > index a280156138ed..37032786b211 100644
> > > --- a/fs/anon_inodes.c
> > > +++ b/fs/anon_inodes.c
> > > @@ -148,6 +148,15 @@ struct file *anon_inode_getfile(const char *name,
> > > }
> > > EXPORT_SYMBOL_GPL(anon_inode_getfile);
> >
> > This function should have a comment block at the top similar to
> > anon_inode_getfile(); in fact you can likely copy-n-paste the bulk of
> > it to use as a start.
> >
> > If you don't want to bother respinning, I've got this exact patch
> > (+comments) in my patchset that I'll post later and I'm happy to
> > give/share credit if that is important to you.
> >
>
> That'd be great; no credit is fine :). Please CC me when you post it.

Will do. I dug out my system which had the patches and I'm working on forward porting them to v5.13-rc2; if I don't have them cleaned up enough for posting by Thursday, I'll make sure they are at least RFC ready by Friday.
diff --git a/fs/anon_inodes.c b/fs/anon_inodes.c index a280156138ed..37032786b211 100644 --- a/fs/anon_inodes.c +++ b/fs/anon_inodes.c @@ -148,6 +148,15 @@ struct file *anon_inode_getfile(const char *name, } EXPORT_SYMBOL_GPL(anon_inode_getfile); +struct file *anon_inode_getfile_secure(const char *name, + const struct file_operations *fops, + void *priv, int flags, + const struct inode *context_inode) +{ + return __anon_inode_getfile(name, fops, priv, flags, context_inode, true); +} +EXPORT_SYMBOL_GPL(anon_inode_getfile_secure); + static int __anon_inode_getfd(const char *name, const struct file_operations *fops, void *priv, int flags, diff --git a/include/linux/anon_inodes.h b/include/linux/anon_inodes.h index 71881a2b6f78..5deaddbd7927 100644 --- a/include/linux/anon_inodes.h +++ b/include/linux/anon_inodes.h @@ -15,6 +15,10 @@ struct inode; struct file *anon_inode_getfile(const char *name, const struct file_operations *fops, void *priv, int flags); +struct file *anon_inode_getfile_secure(const char *name, + const struct file_operations *fops, + void *priv, int flags, + const struct inode *context_inode); int anon_inode_getfd(const char *name, const struct file_operations *fops, void *priv, int flags); int anon_inode_getfd_secure(const char *name,
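Review bot: the new anon_inode_getfile_secure() in the fs/anon_inodes.c hunk has no kerneldoc block, even though the commit message gives it a distinct purpose (an inode that LSMs can attach policy to and that CRIU can map a region back to, instead of the single inode all anon_inodes share); add a comment modelled on the one above anon_inode_getfile() that documents the context_inode parameter and states that the returned file carries its own inode. Two smaller points in the same hunk: `return __anon_inode_getfile(name, fops, priv, flags, context_inode, true);` exceeds the usual line length and should be wrapped, and EXPORT_SYMBOL_GPL(anon_inode_getfile_secure) is only needed if a modular caller exists; the thread notes that io_uring cannot be built as a module, so the export can be dropped.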
This is the non-fd installing analogue of anon_inode_getfd_secure. In
addition to allowing LSMs to attach policy to the distinct inode, this
is also needed for checkpoint restore of an io_uring instance where a
mapped region needs to be mapped back to the io_uring fd by CRIU. This is
currently not possible as all anon_inodes share a single inode.

Signed-off-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
---
 fs/anon_inodes.c            | 9 +++++++++
 include/linux/anon_inodes.h | 4 ++++
 2 files changed, 13 insertions(+)