[PATCH] fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass
Shivank Garg
shivankg at amd.com
Thu Jun 19 09:53:52 UTC 2025
On 6/19/2025 2:43 PM, Vlastimil Babka wrote:
> On 6/19/25 09:31, Shivank Garg wrote:
>> Export anon_inode_make_secure_inode() to allow KVM guest_memfd to create
>> anonymous inodes with proper security context. This replaces the current
>> pattern of calling alloc_anon_inode() followed by
>> inode_init_security_anon() for creating security context manually.
>>
>> This change also fixes a security regression in secretmem where the
>> S_PRIVATE flag was not cleared after alloc_anon_inode(), causing
>> LSM/SELinux checks to be bypassed for secretmem file descriptors.
>>
>> As guest_memfd currently resides in the KVM module, we need to export this
>
> Could we use the new EXPORT_SYMBOL_GPL_FOR_MODULES() thingy to make this
> explicit for KVM?
>
Thanks for the suggestion.
I wasn't aware of this earlier. I think it makes sense to use it now.
So, the code would look like this:
+EXPORT_SYMBOL_GPL_FOR_MODULES(anon_inode_make_secure_inode, "kvm");
which builds fine for me. I hope this is the correct usage.
Thanks,
Shivank
More information about the Linux-security-module-archive
mailing list