Re: [PATCH v3 0/7] File Sealing & memfd_create()
From: Florian Weimer <hidden>
Date: 2014-06-17 10:04:56
Also in:
linux-api, linux-fsdevel, lkml
From: Florian Weimer <hidden>
Date: 2014-06-17 10:04:56
Also in:
linux-api, linux-fsdevel, lkml
On 06/17/2014 12:01 PM, David Herrmann wrote:
quoted
I don't think this is what potential users expect because mlock requires capabilities which are not available to them. A couple of weeks ago, sealing was to be applied to anonymous shared memory. Has this changed? Why should *reading* it trigger OOM?The file might have holes, therefore, you'd have to allocate backing pages. This might hit a soft-limit and fail. To avoid this, use fallocate() to allocate pages prior to mmap()
This does not work because the consuming side does not know how the descriptor was set up if sealing does not imply that.
or mlock() to make the kernel lock them in memory.
See above for why that does not work. I think you should eliminate the holes on sealing and report ENOMEM there if necessary. -- Florian Weimer / Red Hat Product Security Team -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>