[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v7 05/14] mm/memfd: Introduce MFD_INACCESSIBLE flag
|
From: |
Chao Peng |
|
Subject: |
Re: [PATCH v7 05/14] mm/memfd: Introduce MFD_INACCESSIBLE flag |
|
Date: |
Wed, 10 Aug 2022 17:37:41 +0800 |
On Fri, Aug 05, 2022 at 03:28:50PM +0200, David Hildenbrand wrote:
> On 06.07.22 10:20, Chao Peng wrote:
> > Introduce a new memfd_create() flag indicating the content of the
> > created memfd is inaccessible from userspace through ordinary MMU
> > access (e.g., read/write/mmap). However, the file content can be
> > accessed via a different mechanism (e.g. KVM MMU) indirectly.
> >
> > It provides semantics required for KVM guest private memory support
> > that a file descriptor with this flag set is going to be used as the
> > source of guest memory in confidential computing environments such
> > as Intel TDX/AMD SEV but may not be accessible from host userspace.
> >
> > The flag can not coexist with MFD_ALLOW_SEALING, future sealing is
> > also impossible for a memfd created with this flag.
>
> It's kind of weird to have it that way. Why should the user have to
> care? It's the notifier requirement to have that, no?
>
> Why can't we handle that when register a notifier? If anything is
> already mapped, fail registering the notifier if the notifier has these
> demands. If registering succeeds, block it internally.
>
> Or what am I missing? We might not need the memfile set flag semantics
> eventually and would not have to expose such a flag to user space.
This makes sense if doable. The major concern was: is there a reliable
way to detect this (already mapped) at the time of memslot registering.
Chao
>
> --
> Thanks,
>
> David / dhildenb
>