[PATCH v4 1/3] fs: prepare for adding LSM blob to backing_file

Serge E. Hallyn serge at hallyn.com
Sun Apr 5 00:14:50 UTC 2026 

On Thu, Apr 02, 2026 at 11:08:33PM -0400, Paul Moore wrote:
> From: Amir Goldstein <amir73il at gmail.com>
> 
> In preparation to adding LSM blob to backing_file struct, factor out
> helpers init_backing_file() and backing_file_free().
> 
> Cc: stable at vger.kernel.org
> Cc: linux-fsdevel at vger.kernel.org
> Cc: linux-unionfs at vger.kernel.org
> Cc: linux-erofs at lists.ozlabs.org
> Signed-off-by: Amir Goldstein <amir73il at gmail.com>
> [PM: use the term "LSM blob", fix comment style to match file]
> Signed-off-by: Paul Moore <paul at paul-moore.com>

Reviewed-by: Serge Hallyn <serge at hallyn.com>

> ---
>  fs/file_table.c | 22 ++++++++++++++++++++--
>  1 file changed, 20 insertions(+), 2 deletions(-)
> 
> diff --git a/fs/file_table.c b/fs/file_table.c
> index aaa5faaace1e..3b3792903185 100644
> --- a/fs/file_table.c
> +++ b/fs/file_table.c
> @@ -66,6 +66,12 @@ void backing_file_set_user_path(struct file *f, const struct path *path)
>  }
>  EXPORT_SYMBOL_GPL(backing_file_set_user_path);
>  
> +static inline void backing_file_free(struct backing_file *ff)
> +{
> +	path_put(&ff->user_path);
> +	kmem_cache_free(bfilp_cachep, ff);
> +}
> +
>  static inline void file_free(struct file *f)
>  {
>  	security_file_free(f);
> @@ -73,8 +79,7 @@ static inline void file_free(struct file *f)
>  		percpu_counter_dec(&nr_files);
>  	put_cred(f->f_cred);
>  	if (unlikely(f->f_mode & FMODE_BACKING)) {
> -		path_put(backing_file_user_path(f));
> -		kmem_cache_free(bfilp_cachep, backing_file(f));
> +		backing_file_free(backing_file(f));
>  	} else {
>  		kmem_cache_free(filp_cachep, f);
>  	}
> @@ -283,6 +288,12 @@ struct file *alloc_empty_file_noaccount(int flags, const struct cred *cred)
>  	return f;
>  }
>  
> +static int init_backing_file(struct backing_file *ff)
> +{
> +	memset(&ff->user_path, 0, sizeof(ff->user_path));
> +	return 0;
> +}
> +
>  /*
>   * Variant of alloc_empty_file() that allocates a backing_file container
>   * and doesn't check and modify nr_files.
> @@ -305,7 +316,14 @@ struct file *alloc_empty_backing_file(int flags, const struct cred *cred)
>  		return ERR_PTR(error);
>  	}
>  
> +	/* The f_mode flags must be set before fput(). */
>  	ff->file.f_mode |= FMODE_BACKING | FMODE_NOACCOUNT;
> +	error = init_backing_file(ff);
> +	if (unlikely(error)) {
> +		fput(&ff->file);
> +		return ERR_PTR(error);
> +	}
> +
>  	return &ff->file;
>  }
>  EXPORT_SYMBOL_GPL(alloc_empty_backing_file);
> -- 
> 2.53.0
>

More information about the Linux-security-module-archive mailing list