[PATCH v9 1/3] Add a new LSM-supporting anonymous inode interface
Eric Biggers
ebiggers at kernel.org
Fri Oct 9 04:45:19 UTC 2020
On Wed, Sep 23, 2020 at 12:33:22PM -0700, Lokesh Gidra wrote:
> +static struct file *_anon_inode_getfile(const char *name,
> + const struct file_operations *fops,
> + void *priv, int flags,
> + const struct inode *context_inode,
> + bool secure)
> +{
Nit: in Linux kernel code, using double underscore function prefixes is much
more common than single underscores.
> +/**
> + * Like anon_inode_getfd(), but adds the @context_inode argument to
> + * allow security modules to control creation of the new file. Once the
> + * security module makes the decision, this inode is no longer needed
> + * and hence reference to it is not held.
> + */
> +int anon_inode_getfd_secure(const char *name, const struct file_operations *fops,
> + void *priv, int flags,
> + const struct inode *context_inode)
> +{
> + return _anon_inode_getfd(name, fops, priv, flags, context_inode, true);
> +}
> +EXPORT_SYMBOL_GPL(anon_inode_getfd_secure);
This new function has two callers, one of which passes context_inode=NULL.
But from the comment, it sounds like the purpose of this function is just to add
the context_inode argument. So one would expect anon_inode_getfd() to be
equivalent to anon_inode_getfd_secure(..., NULL).
Apparently, that's not actually the case though. Can you fix the comment to
describe what the function actually does?
- Eric
More information about the Linux-security-module-archive
mailing list