From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5FA2EC3601E for ; Thu, 10 Apr 2025 14:23:38 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E892F280105; Thu, 10 Apr 2025 10:23:36 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id E1100280103; Thu, 10 Apr 2025 10:23:36 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id CB0FE280105; Thu, 10 Apr 2025 10:23:36 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id AB0AD280103 for ; Thu, 10 Apr 2025 10:23:36 -0400 (EDT) Received: from smtpin28.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id 29788ADE05 for ; Thu, 10 Apr 2025 14:23:37 +0000 (UTC) X-FDA: 83318352474.28.326F44C Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) by imf01.hostedemail.com (Postfix) with ESMTP id 0907F4000A for ; Thu, 10 Apr 2025 14:23:33 +0000 (UTC) Authentication-Results: imf01.hostedemail.com; dkim=pass header.d=infradead.org header.s=bombadil.20210309 header.b=0CD1m9e0; dmarc=none; spf=none (imf01.hostedemail.com: domain of BATV+8af77f6ab8959e5caacb+7900+infradead.org+hch@bombadil.srs.infradead.org has no SPF policy when checking 198.137.202.133) smtp.mailfrom=BATV+8af77f6ab8959e5caacb+7900+infradead.org+hch@bombadil.srs.infradead.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1744295015; a=rsa-sha256; cv=none; b=suGiTa+BWlHQHHSKKFHOb7H+icbb99ySd7DpUbx6g2A1xZSJuKgG9YC20oR4JE/OBFkM7R oVltkq5Rq8pd6mLkcNWCYnxa+ntN5swP550xRL4wPLwNddnQWNO1WbkZVQuHuGIqArjJzk udI0m7Eu4iuW5TtlZC5A3xlL9qYaMcI= ARC-Authentication-Results: i=1; imf01.hostedemail.com; dkim=pass header.d=infradead.org header.s=bombadil.20210309 header.b=0CD1m9e0; dmarc=none; spf=none (imf01.hostedemail.com: domain of BATV+8af77f6ab8959e5caacb+7900+infradead.org+hch@bombadil.srs.infradead.org has no SPF policy when checking 198.137.202.133) smtp.mailfrom=BATV+8af77f6ab8959e5caacb+7900+infradead.org+hch@bombadil.srs.infradead.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1744295015; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=Sje0mXCO8uUiowTlFETq7gVVR2y68OmKN7E7RZiwNSw=; b=vH3C+4ZyAAN2R/TjRb4JUXYWIM3YlvdkMcjM3vyMccVPP8nULV6R3/JPe2oNRzLZsKpmYE 3TUxC5QQk/DH8gt+QemBv1FnZIGVN3lba6EW4JkanEhJAKoOEIaIF0E7MmAQN1drr8nTmd S/fN2JPvtavlgmN8EC/ex3p8sJYWakc= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=bombadil.20210309; h=In-Reply-To:Content-Type:MIME-Version :References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=Sje0mXCO8uUiowTlFETq7gVVR2y68OmKN7E7RZiwNSw=; b=0CD1m9e04quHGOpw8NHRSXbjD+ ThjnIJYoOyyFvb/yn27LI6/uJ5XxIl13/WyJQVD/xFCBnpt611XkipXZzfH8fnZK36MVkKtg67O5o iQZ38Bj6MOEB/cqasGjSP1WF/wZDPZpkqLoK4eRuT3ejQc4c0EyWcUXD6ZRKm1O7RRqXefFBsT5JB iKRtD3y9PxJqDL2zWSvps5l73BVvL+jIa5drSgn20dKKLIjuQW5RADSR4gBG53XeTd/8BqkCRpS3e ChbqPUvdkLIymD5FRmHm11UlzJkVWBTQwdOOYqK321HEVrS5xhj0P8DgLwnsMt/TbOmnfeaZUsxN6 QZQzjGIA==; Received: from hch by bombadil.infradead.org with local (Exim 4.98.2 #2 (Red Hat Linux)) id 1u2soP-0000000Apj7-062H; Thu, 10 Apr 2025 14:23:25 +0000 Date: Thu, 10 Apr 2025 07:23:24 -0700 From: Christoph Hellwig To: Ackerley Tng Cc: Christoph Hellwig , Shivank Garg , seanjc@google.com, david@redhat.com, vbabka@suse.cz, willy@infradead.org, akpm@linux-foundation.org, shuah@kernel.org, pbonzini@redhat.com, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, pvorel@suse.cz, bfoster@redhat.com, tabba@google.com, vannapurve@google.com, chao.gao@intel.com, bharata@amd.com, nikunj@amd.com, michael.day@amd.com, yan.y.zhao@intel.com, Neeraj.Upadhyay@amd.com, thomas.lendacky@amd.com, michael.roth@amd.com, aik@amd.com, jgg@nvidia.com, kalyazin@amazon.com, peterx@redhat.com, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, kvm@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-coco@lists.linux.dev Subject: Re: [PATCH RFC v7 5/8] KVM: guest_memfd: Make guest mem use guest mem inodes instead of anonymous inodes Message-ID: References: <20250408112402.181574-1-shivankg@amd.com> <20250408112402.181574-6-shivankg@amd.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-SRS-Rewrite: SMTP reverse-path rewritten from by bombadil.infradead.org. See http://www.infradead.org/rpr.html X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: 0907F4000A X-Stat-Signature: 3he398nmojmi3u1n3zwxaj4hpzhwgcpm X-Rspam-User: X-HE-Tag: 1744295013-987176 X-HE-Meta: U2FsdGVkX1+v/qKsYpIY9d8nBtN5qd6kGXG5V5j9lj+Mg639TaLBMIb67JqUUNS9rHvwGvNV/z7o2wt8JG+1aQKuyvPykl8wE6dZtyGYdGOAlOVKy5AZ1js7lCyhtDtzoXGqL7Dn4gfUx4axoWJh7jLFjA57No2hWDbpioOP0D9SG3gug1GXMET1AZBehZLTbG/2GRlywX4+IlRKAxdFV1WcZp/RMucYICcsXf6eEIKR3nqbvgQUpDRSLZ07QZtFZo8wfPItF2yhBm+Me5FgshOwDVJJac5U7eHJ2hY32VOmmd2j8H2wHUcNnQhzzt16qvBmZyylTLjeLxNtiQg+K1MxKURZPWjBObDGAWZgzDurwgBz85kWZ0a3ASHG3Gllbb6KxJFxt/mJSGSFs1ok4QyQ/EO4if401PGiLkd2wrKJy0f9dFImmS2+r2d7yVNkO/y/5R4a+zk38T9aTZPiki8W6IrBcR8izpaoX1fHfBZ7J2DWRzuQzkjnIMMPGRukgkfMzSJVad3xKOkin/kM2FOhpsTh2pbS9Htm6vGNkmvsNyjP1AvEpxSQauIddv2nJLVXixmNYoSgP48xs5sYr6yL+qE0cYQ8HTFgp0xrC3y0taTL+fCifAMV/kcRyMpm6zm6x7WF+5yuzA3PGjn89gvL4CDYUQ6BGVQW4xUoUHvihDsRL1nIocYyO1hPhuHCN9bwnblinEpMwTpKLA0slHO4tQfHUc8IxWwd9ircvFSShwxYTTsq8Ye1HMNYB9aBP3lMGvhjVEvrONu77e5XeDt8uD29S9+E5bfnL80ka1wNpgg2+p62GvFTm2ICFkXN+b3hoduHSg8KBKglOoCHlIrWLnd+ma3RTcXa+CbwqMjEsAONPIoQAFh3n0xVAfhEX1V+mHGVEkU1GqpLWyLJWf96Ub0JPiS5acceCPqGn6p/HuGmbla29U4Up8rKGlJKLLeXa8+C2KVbyoNxabY 4JVxKUgV MdrN0nx2sCtp1bQy1/9k9Ry8/o5a2KlyT0jPHfnRC7BHJ09RBMSEtwUqKbZuRDnTVE9AytN5oByJ9KEIXEicgY0LAyT29WoVITs4pxUlMh+ehDK4RbXxh0mEW7aI60sf6oS9GByLYIuntXp6UQ0VafS6wD2wvm+tq+93SZL2dOMXVp13MvvevtOmNJAHztvI2h9PMsgn2SYSA6v9SlK5kxGwNMIkqQpRQVv5wE0FrgCj1nLk/KoUg29E/ClUOm80+b0OGBOu4NCDZqysaFnhVLWX2hoIZq6dNR0faNT8wN/CcGLjLjlgV8xx70MIdlu3aYilQMsYg0X9NWAuV2YJxK54+Od3ROcU2qX8kgPZaWISb3n2ecEeOoYkaecHsTO/x1wrdTcTntyccA8xrZ+dogFNx02ifMJuITkEBiFiKJSxuUbQetqv4FuD/S0naYNNb/H5Ct5pUsKJrBFYr/fVh5g9j1FkkV6tg7PNt8jqmcMb3Ie6Mjqw6pdWkyZNngBLf5EjPI6YjFK+1Wv90xbz4JMlK0oRX4V8mTITBMmvlU5zEjR0= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Thu, Apr 10, 2025 at 06:53:15AM -0700, Ackerley Tng wrote: > > So why do other alloc_anon_inode callers not need > > security_inode_init_security_anon? > > Thanks for this tip! > > When I did this refactoring, I was just refactoring > anon_inode_create_getfile(), to set up the guest_memfd inode and file in > separate stages, and anon_inode_create_getfile() was already using > security_inode_init_security_anon(). > > In the next revision I can remove this call. > > Is it too late to remove the call to security_inode_init_security_anon() > though? IIUC it is used by LSMs, which means security modules may > already be assuming this call? I'd really like to here from the security folks if we need it or not, both in this case and for other alloc_anon_inode callers.