Re: [PATCH v7 05/14] mm/memfd: Introduce MFD_INACCESSIBLE flag

From: David Hildenbrand
Date: Fri Aug 05 2022 - 09:29:03 EST

Next message: Bruno Goncalves: "Re: [5.19.0] [aarch64] WARNING: CPU: 0 PID: 1 at mm/page_alloc.c:5407 __alloc_pages+0x1a0/0x290"
Previous message: David Hildenbrand: "Re: [PATCH v7 04/14] mm/shmem: Support memfile_notifier"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 06.07.22 10:20, Chao Peng wrote:
> Introduce a new memfd_create() flag indicating the content of the
> created memfd is inaccessible from userspace through ordinary MMU
> access (e.g., read/write/mmap). However, the file content can be
> accessed via a different mechanism (e.g. KVM MMU) indirectly.
>
> It provides semantics required for KVM guest private memory support
> that a file descriptor with this flag set is going to be used as the
> source of guest memory in confidential computing environments such
> as Intel TDX/AMD SEV but may not be accessible from host userspace.
>
> The flag can not coexist with MFD_ALLOW_SEALING, future sealing is
> also impossible for a memfd created with this flag.

It's kind of weird to have it that way. Why should the user have to
care? It's the notifier requirement to have that, no?

Why can't we handle that when register a notifier? If anything is
already mapped, fail registering the notifier if the notifier has these
demands. If registering succeeds, block it internally.

Or what am I missing? We might not need the memfile set flag semantics
eventually and would not have to expose such a flag to user space.

--
Thanks,

David / dhildenb

Next message: Bruno Goncalves: "Re: [5.19.0] [aarch64] WARNING: CPU: 0 PID: 1 at mm/page_alloc.c:5407 __alloc_pages+0x1a0/0x290"
Previous message: David Hildenbrand: "Re: [PATCH v7 04/14] mm/shmem: Support memfile_notifier"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]