From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933935AbdKCRNW (ORCPT ); Fri, 3 Nov 2017 13:13:22 -0400 Received: from aserp1040.oracle.com ([141.146.126.69]:16944 "EHLO aserp1040.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933753AbdKCRNT (ORCPT ); Fri, 3 Nov 2017 13:13:19 -0400 Subject: Re: [PATCH 4/6] hugetlbfs: implement memfd sealing To: David Herrmann , =?UTF-8?Q?Marc-Andr=c3=a9_Lureau?= Cc: linux-mm , linux-kernel , aarcange@redhat.com, Hugh Dickins , nyc@holomorphy.com References: <20171031184052.25253-1-marcandre.lureau@redhat.com> <20171031184052.25253-5-marcandre.lureau@redhat.com> From: Mike Kravetz Message-ID: Date: Fri, 3 Nov 2017 10:12:59 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit X-Source-IP: aserv0022.oracle.com [141.146.126.234] Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 11/03/2017 10:03 AM, David Herrmann wrote: > Hi > > On Tue, Oct 31, 2017 at 7:40 PM, Marc-André Lureau > wrote: >> Implements memfd sealing, similar to shmem: >> - WRITE: deny fallocate(PUNCH_HOLE). mmap() write is denied in >> memfd_add_seals(). write() doesn't exist for hugetlbfs. >> - SHRINK: added similar check as shmem_setattr() >> - GROW: added similar check as shmem_setattr() & shmem_fallocate() >> >> Except write() operation that doesn't exist with hugetlbfs, that >> should make sealing as close as it can be to shmem support. > > SEAL, SHRINK, and GROW look fine to me. > > Regarding WRITE The commit message may not be clear. However, hugetlbfs does not support the write system call (or aio). The only way to modify contents of a hugetlbfs file is via mmap or hole punch/truncate. So, we do not really need to worry about those special (a)io cases for hugetlbfs. -- Mike Kravetz > you need to make sure there are no page references > left around. For instance, on shmem any process might trigger the > kernel to GUP mapped shmem pages for asynchronous IO, then unmap the > file and request F_SEAL_WRITE. In this case the seal must be rejected > *iff* the pages are still pinned. shmem does this by requiring the > page-refcounts to be 0. Preferably there would be some better > infrastructure that tells us whether someone operates on those pages, > but this does not exist right now. See shmem_wait_for_pins() for > details. > > I have little knowledge on how hugetlbs integrate with the page-cache > and radix-tree, hence I'd prefer if someone can explicitly ACK that > shmem_wait_for_pins() is suitable for hugetlbfs. > > Otherwise, this series looks good to me (minus the #ifdef mess..). > > Thanks > David > > -- > To unsubscribe, send a message with 'unsubscribe linux-mm' in > the body to majordomo@kvack.org. For more info on Linux MM, > see: http://www.linux-mm.org/ . > Don't email: email@kvack.org >