On 7/1/2025 2:03 PM, Christian Brauner wrote: > On Thu, 26 Jun 2025 19:14:29 +0000, Shivank Garg wrote: >> Extend anon_inode_make_secure_inode() to take superblock parameter and >> make it available via fs.h. This allows other subsystems to create >> anonymous inodes with proper security context. >> >> Use this function in secretmem to fix a security regression, where >> S_PRIVATE flag wasn't cleared after alloc_anon_inode(), causing >> LSM/SELinux checks to be skipped. >> >> [...] > > Applied to the vfs-6.17.misc branch of the vfs/vfs.git tree. > Patches in the vfs-6.17.misc branch should appear in linux-next soon. > > Please report any outstanding bugs that were missed during review in a > new review to the original patch series allowing us to drop it. > > It's encouraged to provide Acked-bys and Reviewed-bys even though the > patch has now been applied. If possible patch trailers will be updated. > > Note that commit hashes shown below are subject to change due to rebase, > trailer updates or similar. If in doubt, please check the listed branch. > > tree: https://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs.git > branch: vfs-6.17.misc > > [1/1] fs: generalize anon_inode_make_secure_inode() and fix secretmem LSM bypass > https://git.kernel.org/vfs/vfs/c/4dc65f072c2b Hi Christian, I think there may have been a mix-up with the patch versions that got merged. We had agreed to use V3 of the patch (without EXPORT), which appears to be correctly merged in the vfs tree: https://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs.git/commit/?h=vfs.all&id=4dc65f072c2b30ae3653b76208a926f767c402a0 However, it looks like V2 (with EXPORT_SYMBOL_GPL_FOR_MODULES) was merged into Linus's tree instead: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cbe4134ea4bc493239786220bd69cb8a13493190 Thanks, Shivank
