From mboxrd@z Thu Jan 1 00:00:00 1970 From: Florian Weimer Subject: Re: [PATCH v3 0/7] File Sealing & memfd_create() Date: Tue, 17 Jun 2014 12:04:56 +0200 Message-ID: <53A012C8.7060109@redhat.com> References: <1402655819-14325-1-git-send-email-dh.herrmann@gmail.com> <53A01049.6020502@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: Sender: owner-linux-mm@kvack.org To: David Herrmann Cc: Andy Lutomirski , "linux-kernel@vger.kernel.org" , Michael Kerrisk , Ryan Lortie , Linus Torvalds , Andrew Morton , "linux-mm@kvack.org" , Linux FS Devel , Linux API , Greg Kroah-Hartman , John Stultz , Lennart Poettering , Daniel Mack , Kay Sievers , Hugh Dickins , Tony Battersby List-Id: linux-api@vger.kernel.org On 06/17/2014 12:01 PM, David Herrmann wrote: >> I don't think this is what potential users expect because mlock requires >> capabilities which are not available to them. >> >> A couple of weeks ago, sealing was to be applied to anonymous shared memory. >> Has this changed? Why should *reading* it trigger OOM? > > The file might have holes, therefore, you'd have to allocate backing > pages. This might hit a soft-limit and fail. To avoid this, use > fallocate() to allocate pages prior to mmap() This does not work because the consuming side does not know how the descriptor was set up if sealing does not imply that. > or mlock() to make the kernel lock them in memory. See above for why that does not work. I think you should eliminate the holes on sealing and report ENOMEM there if necessary. -- Florian Weimer / Red Hat Product Security Team -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: email@kvack.org