Re: [PATCH] fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass

[Shivank Garg]

On 6/19/2025 2:43 PM, Vlastimil Babka wrote:
> On 6/19/25 09:31, Shivank Garg wrote:
>> Export anon_inode_make_secure_inode() to allow KVM guest_memfd to create
>> anonymous inodes with proper security context. This replaces the current
>> pattern of calling alloc_anon_inode() followed by
>> inode_init_security_anon() for creating security context manually.
>>
>> This change also fixes a security regression in secretmem where the
>> S_PRIVATE flag was not cleared after alloc_anon_inode(), causing
>> LSM/SELinux checks to be bypassed for secretmem file descriptors.
>>
>> As guest_memfd currently resides in the KVM module, we need to export this
> 
> Could we use the new EXPORT_SYMBOL_GPL_FOR_MODULES() thingy to make this
> explicit for KVM?
> 

Thanks for the suggestion.
I wasn't aware of this earlier. I think it makes sense to use it now.

So, the code would look like this:

+EXPORT_SYMBOL_GPL_FOR_MODULES(anon_inode_make_secure_inode, "kvm");

which builds fine for me. I hope this is the correct usage.

Thanks,
Shivank