Date: Thu, 19 Jun 2025 14:01:22 +0300
From: Mike Rapoport <rppt@kernel.org>
To: Christian Brauner
Cc: Vlastimil Babka, Shivank Garg, david@redhat.com, akpm@linux-foundation.org, paul@paul-moore.com, viro@zeniv.linux.org.uk, seanjc@google.com, willy@infradead.org, pbonzini@redhat.com, tabba@google.com, afranji@google.com, ackerleytng@google.com, jack@suse.cz, hch@infradead.org, cgzones@googlemail.com, ira.weiny@intel.com, roypat@amazon.co.uk, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org
Subject: Re: [PATCH] fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass
References: <20250619073136.506022-2-shivankg@amd.com> <20250619-fixpunkt-querfeldein-53eb22d0135f@brauner>
In-Reply-To: <20250619-fixpunkt-querfeldein-53eb22d0135f@brauner>

On Thu, Jun 19, 2025 at 12:38:25PM +0200, Christian Brauner wrote:
> On Thu, Jun 19, 2025 at 11:13:49AM +0200, Vlastimil Babka wrote:
> > On 6/19/25 09:31, Shivank Garg wrote:
> > > Export anon_inode_make_secure_inode() to allow KVM guest_memfd to create
> > > anonymous inodes with proper security context. This replaces the current
> > > pattern of calling alloc_anon_inode() followed by
> > > inode_init_security_anon() for creating security context manually.
> > >
> > > This change also fixes a security regression in secretmem where the
> > > S_PRIVATE flag was not cleared after alloc_anon_inode(), causing
> > > LSM/SELinux checks to be bypassed for secretmem file descriptors.
> > >
> > > As guest_memfd currently resides in the KVM module, we need to export this
> >
> > Could we use the new EXPORT_SYMBOL_GPL_FOR_MODULES() thingy to make this
> > explicit for KVM?
>
> Oh? Enlighten me about that, if you have a second, please.

From Documentation/core-api/symbol-namespaces.rst:

  The macro takes a comma separated list of module names, allowing only
  those modules to access this symbol. Simple tail-globs are supported.

  For example::

    EXPORT_SYMBOL_GPL_FOR_MODULES(preempt_notifier_inc, "kvm,kvm-*")

  will limit usage of this symbol to modules whose name matches the
  given patterns.

-- 
Sincerely yours,
Mike.
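To make the allow-list syntax quoted from symbol-namespaces.rst concrete, here is an added example that is not kernel code and not from anyone on this thread: a user-space C re-implementation of the documented matching rules (a comma-separated list of module names, where a trailing `*` is a tail-glob). The module loader's real check is not reproduced here; the handling of edge cases such as a bare `*` or an empty list entry is my assumption, as is the set of sample module names, which is constructed for the demonstration.

```c
/*
 * Added example, not kernel code: a user-space model of the module
 * allow-list semantics documented for EXPORT_SYMBOL_GPL_FOR_MODULES().
 * Rules modelled (from the quoted documentation): entries are separated
 * by commas; an entry ending in '*' matches any module name with that
 * prefix; any other entry must match the module name exactly.
 * Behaviour for a bare "*" or an empty entry is an assumption.
 */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Return true if modname is admitted by the comma-separated allow list. */
bool module_allowed(const char *patterns, const char *modname)
{
    size_t modlen = strlen(modname);
    const char *p = patterns;

    while (*p) {
        const char *sep = strchr(p, ',');
        size_t len = sep ? (size_t)(sep - p) : strlen(p);
        bool glob = false;

        /* A trailing '*' turns the entry into a prefix (tail-glob) match. */
        if (len > 0 && p[len - 1] == '*') {
            glob = true;
            len--;
        }

        /* Exact match, or prefix match when the entry ended in '*'. */
        if (modlen >= len && strncmp(p, modname, len) == 0 &&
            (glob || modlen == len))
            return true;

        if (!sep)
            break;
        p = sep + 1;
    }
    return false;
}

int main(void)
{
    /* Constructed sample input: the pattern from the quoted documentation
     * and a few hypothetical module names to run it against. */
    const char *allow = "kvm,kvm-*";
    const char *names[] = { "kvm", "kvm-intel", "kvm-amd", "kvmgt", "vfio" };

    for (size_t i = 0; i < sizeof(names) / sizeof(names[0]); i++)
        printf("%-10s %s\n", names[i],
               module_allowed(allow, names[i]) ? "allowed" : "rejected");
    return 0;
}
```

Two points worth keeping in mind when reading the output. The comparison is against the module name as the kernel records it, which for in-tree modules uses underscores (the build replaces dashes, so `kvm-intel.ko` is the module `kvm_intel`), so a pattern has to be spelled for that name, not for the filename. And because the check is purely on the module's self-declared name, the macro scopes an interface to the modules it is meant for; it is not a boundary against a module that simply names itself to match.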