Re: [PATCH v9 1/3] Add a new LSM-supporting anonymous inode interface

From: Eric Biggers
Date: Fri Oct 09 2020 - 00:45:24 EST


On Wed, Sep 23, 2020 at 12:33:22PM -0700, Lokesh Gidra wrote:
> +static struct file *_anon_inode_getfile(const char *name,
> + const struct file_operations *fops,
> + void *priv, int flags,
> + const struct inode *context_inode,
> + bool secure)
> +{

Nit: in Linux kernel code, using double underscore function prefixes is much
more common than single underscores.

> +/**
> + * Like anon_inode_getfd(), but adds the @context_inode argument to
> + * allow security modules to control creation of the new file. Once the
> + * security module makes the decision, this inode is no longer needed
> + * and hence reference to it is not held.
> + */
> +int anon_inode_getfd_secure(const char *name, const struct file_operations *fops,
> + void *priv, int flags,
> + const struct inode *context_inode)
> +{
> + return _anon_inode_getfd(name, fops, priv, flags, context_inode, true);
> +}
> +EXPORT_SYMBOL_GPL(anon_inode_getfd_secure);

This new function has two callers, one of which passes context_inode=NULL.

But from the comment, it sounds like the purpose of this function is just to add
the context_inode argument. So one would expect anon_inode_getfd() to be
equivalent to anon_inode_getfd_secure(..., NULL).

Apparently, that's not actually the case though. Can you fix the comment to
describe what the function actually does?

- Eric