Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752245Ab3HCXzA (ORCPT ); Sat, 3 Aug 2013 19:55:00 -0400 Received: from mail-oa0-f53.google.com ([209.85.219.53]:46012 "EHLO mail-oa0-f53.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750875Ab3HCXy7 (ORCPT ); Sat, 3 Aug 2013 19:54:59 -0400 MIME-Version: 1.0 In-Reply-To: <20130801083608.GJ221@brightrain.aerifal.cx> References: <20130622103158.GA16304@infradead.org> <20130801082951.GA23563@infradead.org> <20130801083608.GJ221@brightrain.aerifal.cx> From: KOSAKI Motohiro Date: Sat, 3 Aug 2013 19:54:38 -0400 Message-ID: Subject: Re: RFC: named anonymous vmas To: Rich Felker Cc: Christoph Hellwig , Colin Cross , lkml , Linux-MM , Android Kernel Team , John Stultz , libc-alpha Content-Type: text/plain; charset=ISO-8859-1 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1843 Lines: 32 On Thu, Aug 1, 2013 at 4:36 AM, Rich Felker wrote: > On Thu, Aug 01, 2013 at 01:29:51AM -0700, Christoph Hellwig wrote: >> Btw, FreeBSD has an extension to shm_open to create unnamed but fd >> passable segments. From their man page: >> >> As a FreeBSD extension, the constant SHM_ANON may be used for the path >> argument to shm_open(). In this case, an anonymous, unnamed shared >> memory object is created. Since the object has no name, it cannot be >> removed via a subsequent call to shm_unlink(). Instead, the shared >> memory object will be garbage collected when the last reference to the >> shared memory object is removed. The shared memory object may be shared >> with other processes by sharing the file descriptor via fork(2) or >> sendmsg(2). Attempting to open an anonymous shared memory object with >> O_RDONLY will fail with EINVAL. All other flags are ignored. >> >> To me this sounds like the best way to expose this functionality to the >> user. Implementing it is another question as shm_open sits in libc, >> we could either take it and shm_unlink to the kernel, or use O_TMPFILE >> on tmpfs as the backend. > > I'm not sure what the purpose is. shm_open with a long random filename > and O_EXCL|O_CREAT, followed immediately by shm_unlink, is just as > good except in the case where you have a malicious user killing the > process in between these two operations. Practically, filename length is restricted by NAME_MAX(255bytes). Several people don't think it is enough long length. The point is, race free API. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/