Re: [PATCH RFC] mm: add MAP_EXCLUSIVE to create exclusive user mappings

From: Andy Lutomirski
Date: Mon Oct 28 2019 - 16:45:27 EST

Next message: Tuowen Zhao: "Fwd: [PATCH v5 1/4] sparc64: implement ioremap_uc"
Previous message: Mimi Zohar: "Re: [PATCH v1] selftest/trustedkeys: TPM 1.2 trusted keys test"
In reply to: Mike Rapoport: "Re: [PATCH RFC] mm: add MAP_EXCLUSIVE to create exclusive user mappings"
Next in thread: Mike Rapoport: "Re: [PATCH RFC] mm: add MAP_EXCLUSIVE to create exclusive user mappings"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> On Oct 27, 2019, at 4:17 AM, Mike Rapoport <rppt@xxxxxxxxxx> wrote:
>
> ïFrom: Mike Rapoport <rppt@xxxxxxxxxxxxx>
>
> Hi,
>
> The patch below aims to allow applications to create mappins that have
> pages visible only to the owning process. Such mappings could be used to
> store secrets so that these secrets are not visible neither to other
> processes nor to the kernel.
>
> I've only tested the basic functionality, the changes should be verified
> against THP/migration/compaction. Yet, I'd appreciate early feedback.

Iâve contemplated the concept a fair amount, and I think you should consider a change to the API. In particular, rather than having it be a MAP_ flag, make it a chardev. You can, at least at first, allow only MAP_SHARED, and admins can decide who gets to use it. It might also play better with the VM overall, and you wonât need a VM_ flag for it â you can just wire up .fault to do the right thing.

Next message: Tuowen Zhao: "Fwd: [PATCH v5 1/4] sparc64: implement ioremap_uc"
Previous message: Mimi Zohar: "Re: [PATCH v1] selftest/trustedkeys: TPM 1.2 trusted keys test"
In reply to: Mike Rapoport: "Re: [PATCH RFC] mm: add MAP_EXCLUSIVE to create exclusive user mappings"
Next in thread: Mike Rapoport: "Re: [PATCH RFC] mm: add MAP_EXCLUSIVE to create exclusive user mappings"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]