mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-17 18:56:24 +00:00
e7e832ce6f
This change adds a new function, anon_inode_getfd_secure, that creates anonymous-node file with individual non-S_PRIVATE inode to which security modules can apply policy. Existing callers continue using the original singleton-inode kind of anonymous-inode file. We can transition anonymous inode users to the new kind of anonymous inode in individual patches for the sake of bisection and review. The new function accepts an optional context_inode parameter that callers can use to provide additional contextual information to security modules. For example, in case of userfaultfd, the created inode is a 'logical child' of the context_inode (userfaultfd inode of the parent process) in the sense that it provides the security context required during creation of the child process' userfaultfd inode. Signed-off-by: Daniel Colascione <dancol@google.com> [LG: Delete obsolete comments to alloc_anon_inode()] [LG: Add context_inode description in comments to anon_inode_getfd_secure()] [LG: Remove definition of anon_inode_getfile_secure() as there are no callers] [LG: Make __anon_inode_getfile() static] [LG: Use correct error cast in __anon_inode_getfile()] [LG: Fix error handling in __anon_inode_getfile()] Signed-off-by: Lokesh Gidra <lokeshgidra@google.com> Reviewed-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
27 lines
670 B
C
27 lines
670 B
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
/*
|
|
* include/linux/anon_inodes.h
|
|
*
|
|
* Copyright (C) 2007 Davide Libenzi <davidel@xmailserver.org>
|
|
*
|
|
*/
|
|
|
|
#ifndef _LINUX_ANON_INODES_H
|
|
#define _LINUX_ANON_INODES_H
|
|
|
|
struct file_operations;
|
|
struct inode;
|
|
|
|
struct file *anon_inode_getfile(const char *name,
|
|
const struct file_operations *fops,
|
|
void *priv, int flags);
|
|
int anon_inode_getfd(const char *name, const struct file_operations *fops,
|
|
void *priv, int flags);
|
|
int anon_inode_getfd_secure(const char *name,
|
|
const struct file_operations *fops,
|
|
void *priv, int flags,
|
|
const struct inode *context_inode);
|
|
|
|
#endif /* _LINUX_ANON_INODES_H */
|
|
|