Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752278AbdHHPqL (ORCPT ); Tue, 8 Aug 2017 11:46:11 -0400 Received: from mx1.redhat.com ([209.132.183.28]:49882 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752113AbdHHPqK (ORCPT ); Tue, 8 Aug 2017 11:46:10 -0400 DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 35A34356CE Authentication-Results: ext-mx06.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx06.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=riel@redhat.com Message-ID: <1502207168.6577.25.camel@redhat.com> Subject: Re: [PATCH v2 0/2] mm,fork,security: introduce MADV_WIPEONFORK From: Rik van Riel To: Mike Kravetz , Florian Weimer , linux-kernel@vger.kernel.org Cc: linux-mm@kvack.org, colm@allcosts.net, akpm@linux-foundation.org, keescook@chromium.org, luto@amacapital.net, wad@chromium.org, mingo@kernel.org, kirill@shutemov.name, dave.hansen@intel.com Date: Tue, 08 Aug 2017 11:46:08 -0400 In-Reply-To: <0324df31-717d-32c1-95ef-351c5b23105f@oracle.com> References: <20170806140425.20937-1-riel@redhat.com> <1502198148.6577.18.camel@redhat.com> <0324df31-717d-32c1-95ef-351c5b23105f@oracle.com> Organization: Red Hat, Inc Content-Type: text/plain; charset="UTF-8" Mime-Version: 1.0 Content-Transfer-Encoding: 8bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Tue, 08 Aug 2017 15:46:10 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1163 Lines: 30 On Tue, 2017-08-08 at 08:19 -0700, Mike Kravetz wrote: > The other question I was trying to bring up is "What does > MADV_WIPEONFORK > mean for various types of mappings?"  For example, if we allow > MADV_WIPEONFORK on a file backed mapping what does that mapping look > like in the child after fork?  Does it have any connection at all to > the > file?  Or, do we drop all references to the file and essentially > transform > it to a private (or shared?) anonymous mapping after fork.  What > about > System V shared memory?  What about hugetlb? My current patch turns any file-backed VMA into an empty anonymous VMA if MADV_WIPEONFORK was used on that VMA. > If the use case is fairly specific, then perhaps it makes sense to > make MADV_WIPEONFORK not applicable (EINVAL) for mappings where the > result is 'questionable'. That would be a question for Florian and Colm. If they are OK with MADV_WIPEONFORK only working on anonymous VMAs (no file mapping), that certainly could be implemented. On the other hand, I am not sure that introducing cases where MADV_WIPEONFORK does not implement wipe-on-fork semantics would reduce user confusion...