From mboxrd@z Thu Jan 1 00:00:00 1970 From: Paolo Bonzini Subject: Re: [PATCH 0/3] userfaultfd: allow to forbid unprivileged users Date: Wed, 13 Mar 2019 15:12:28 -0400 (EDT) Message-ID: <1934896481.7779933.1552504348591.JavaMail.zimbra@redhat.com> References: <20190311093701.15734-1-peterx@redhat.com> <58e63635-fc1b-cb53-a4d1-237e6b8b7236@oracle.com> <20190313060023.GD2433@xz-x1> <3714d120-64e3-702e-6eef-4ef253bdb66d@redhat.com> <20190313185230.GH25147@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Cc: Peter Xu , Mike Kravetz , linux-kernel@vger.kernel.org, Hugh Dickins , Luis Chamberlain , Maxime Coquelin , kvm@vger.kernel.org, Jerome Glisse , Pavel Emelyanov , Johannes Weiner , Martin Cracauer , Denis Plotnikov , linux-mm@kvack.org, Marty McFadden , Maya Gokhale , Mike Rapoport , Kees Cook , Mel Gorman , "Kirill A . Shutemov" , linux-fsdevel@vger.kernel.org, "Dr . David Alan Gilbert" , To: Andrea Arcangeli Return-path: In-Reply-To: <20190313185230.GH25147@redhat.com> Sender: linux-kernel-owner@vger.kernel.org List-Id: kvm.vger.kernel.org > On Wed, Mar 13, 2019 at 09:22:31AM +0100, Paolo Bonzini wrote: > Unless somebody suggests a consistent way to make hugetlbfs "just > work" (like we could achieve clean with CRIU and KVM), I think Oracle > will need a one liner change in the Oracle setup to echo into that > file in addition of running the hugetlbfs mount. Hi Andrea, can you explain more in detail the risks of enabling userfaultfd for unprivileged users? Paolo > Note that DPDK host bridge process will also need a one liner change > to do a dummy open/close of /dev/kvm to unblock the syscall. > > Thanks, > Andrea >