> On 11/04/2020 6:02 PM Mike Rapoport wrote:
>
> Yes, this will work. The processes that share the memfd_secret file
> descriptor will have access to the same memory pages, pretty much like
> with shared memory.
Perfect!
Acked-by: Hagen Paul Pfeifer
Thank you for the effort Mike, if zeroize
On Wed, Nov 04, 2020 at 12:39:13PM +0100, Hagen Paul Pfeifer wrote:
> > On 11/03/2020 5:30 PM Mike Rapoport wrote:
> >
> > > > As long as the tasks share the file descriptor, they can share the
> > > > secretmem pages, pretty much like normal memfd.
> > >
> > > Including process_vm_readv() and
> On 11/03/2020 5:30 PM Mike Rapoport wrote:
>
> > > As long as the tasks share the file descriptor, they can share the
> > > secretmem pages, pretty much like normal memfd.
> >
> > Including process_vm_readv() and process_vm_writev()? Let's take a
> > hypothetical "dbus-daemon-secure"
On Tue, Nov 03, 2020 at 02:52:14PM +0100, Hagen Paul Pfeifer wrote:
> > On 11/02/2020 4:40 PM Mike Rapoport wrote:
>
> > > Isn't memfd_secret currently *unnecessarily* designed to be a "one task
> > > feature"? memfd_secret fulfills exactly two (generic) features:
> > >
> > > - address space
> On 11/02/2020 4:40 PM Mike Rapoport wrote:
> > Isn't memfd_secret currently *unnecessarily* designed to be a "one task
> > feature"? memfd_secret fulfills exactly two (generic) features:
> >
> > - address space isolation from kernel (aka SECRET_EXCLUSIVE, not in kernel's
> > direct map) -
On 03.11.20 10:52, Mike Rapoport wrote:
On Mon, Nov 02, 2020 at 06:51:09PM +0100, David Hildenbrand wrote:
Assume you have a system with quite some ZONE_MOVABLE memory (esp. in
virtualized environments), eating up a significant amount of !ZONE_MOVABLE
memory dynamically at runtime can lead to
On Mon, Nov 02, 2020 at 06:51:09PM +0100, David Hildenbrand wrote:
> > > Assume you have a system with quite some ZONE_MOVABLE memory (esp. in
> > > virtualized environments), eating up a significant amount of !ZONE_MOVABLE
> > > memory dynamically at runtime can lead to non-obvious issues. It
Assume you have a system with quite some ZONE_MOVABLE memory (esp. in
virtualized environments), eating up a significant amount of !ZONE_MOVABLE
memory dynamically at runtime can lead to non-obvious issues. It looks like
you have plenty of free memory, but the kernel might still OOM when trying
On Mon, Nov 02, 2020 at 10:11:12AM +0100, David Hildenbrand wrote:
> On 24.09.20 15:28, Mike Rapoport wrote:
> > From: Mike Rapoport
> >
> > Hi,
> >
> > This is an implementation of "secret" mappings backed by a file descriptor.
> > I've dropped the boot time reservation patch for now as it is
On Sun, Nov 01, 2020 at 12:09:35PM +0100, Hagen Paul Pfeifer wrote:
> * Mike Rapoport | 2020-09-24 16:28:58 [+0300]:
>
> >This is an implementation of "secret" mappings backed by a file descriptor.
> >I've dropped the boot time reservation patch for now as it is not strictly
> >required for the
On 02.11.20 10:11, David Hildenbrand wrote:
On 24.09.20 15:28, Mike Rapoport wrote:
From: Mike Rapoport
Hi,
This is an implementation of "secret" mappings backed by a file descriptor.
I've dropped the boot time reservation patch for now as it is not strictly
required for the basic usage and
On 24.09.20 15:28, Mike Rapoport wrote:
From: Mike Rapoport
Hi,
This is an implementation of "secret" mappings backed by a file descriptor.
I've dropped the boot time reservation patch for now as it is not strictly
required for the basic usage and can be easily added later either with or
* Mike Rapoport | 2020-09-24 16:28:58 [+0300]:
>This is an implementation of "secret" mappings backed by a file descriptor.
>I've dropped the boot time reservation patch for now as it is not strictly
>required for the basic usage and can be easily added later either with or
>without CMA.
Isn't
On Thu, Sep 24, 2020 at 07:34:28PM -0700, Andrew Morton wrote:
> On Thu, 24 Sep 2020 16:28:58 +0300 Mike Rapoport wrote:
>
> > From: Mike Rapoport
> >
> > Hi,
> >
> > This is an implementation of "secret" mappings backed by a file descriptor.
> > I've dropped the boot time reservation patch
On Thu, 24 Sep 2020 16:28:58 +0300 Mike Rapoport wrote:
> From: Mike Rapoport
>
> Hi,
>
> This is an implementation of "secret" mappings backed by a file descriptor.
> I've dropped the boot time reservation patch for now as it is not strictly
> required for the basic usage and can be easily
From: Mike Rapoport
Hi,
This is an implementation of "secret" mappings backed by a file descriptor.
I've dropped the boot time reservation patch for now as it is not strictly
required for the basic usage and can be easily added later either with or
without CMA.
v6 changes:
* Silence the
16 matches