Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp4029538imu; Sat, 24 Nov 2018 16:44:39 -0800 (PST) X-Google-Smtp-Source: AJdET5eDtE5dF2CQ+N3wh3tplFhLrhsrRo+LS43C4YH52rmrweY9FewrXddXK5JTkJ3u9SuBfMUx X-Received: by 2002:a62:113:: with SMTP id 19mr21528382pfb.176.1543106679481; Sat, 24 Nov 2018 16:44:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1543106679; cv=none; d=google.com; s=arc-20160816; b=kjWw1xjLcRiu8u+TiPwJEjoqVUt439U9IidhY3M/dPapATLeQ34xXNp0j/Z8Bcj7X2 9t1+j4RvNtEQxUxa8+qUNZ8s+Zi7Ox6ENHteVLfOIXVV92Sdbj5RhgnLKEAu88t+YzGF cPNSMi9rVPjw7wzt2fEID9ktNUxvP7Hi4+q2LYFV3D5dgH9NdMMHdLPkju3vzlKMo0fU in5FW1u+RBId1BAvgWsTGRdCNk/Ie8dRb6+7JxUVwaQ70Am7aXCxy5a8jdY6yuG6DabE cFc7xVaYfxFjuiqUm+DmSAiKRozERktyT6ogZrdcQ1bWrW4Kc2sqppOXNLgnDq4vGf+b GTaA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date; bh=vDmEwogk0Haoz1Aifq+0PggvSHsIb+EhG6OLKfbVYSg=; b=SPJG/Z1XI9+UnS/ijmAlDNReRt8+v2X7IPiUsXxb+3y7JuT5CgbxeAJhcWm+JxVWiR iIbeTuBTHQQXZgOwKvuSWWB0UmnRb+I/DXvbDVbzF8yu0HjrI5F08Ly7JwqzjXv/yTKj C/3637S6dpFlaIZueMdTXB514Ys3XzEyhQcNDz01MuTb9JOrVgziV3uQs4UxedEk4Ufg BgOzvishWiqes3bYvG3VY5kvKTI0lGbMH+hpFshiRFd0Dtb0dB6o0oVdvY1p0kcJz5MG 4uxQ7u0tUYePcjQXBtOikWv3HgALLvEQuUFhkUzNpzfX7WNs98lTC9ZCGkQALTdyVDJT kOIA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id ca6si26532563plb.141.2018.11.24.16.43.58; Sat, 24 Nov 2018 16:44:39 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726515AbeKYLcP (ORCPT + 99 others); Sun, 25 Nov 2018 06:32:15 -0500 Received: from mail.linuxfoundation.org ([140.211.169.12]:51118 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726238AbeKYLcP (ORCPT ); Sun, 25 Nov 2018 06:32:15 -0500 Received: from localhost.localdomain (c-24-6-170-16.hsd1.ca.comcast.net [24.6.170.16]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id 680105A8; Sun, 25 Nov 2018 00:42:30 +0000 (UTC) Date: Sat, 24 Nov 2018 16:42:29 -0800 From: Andrew Morton To: Joel Fernandes Cc: Andy Lutomirski , Stephen Rothwell , LKML , Hugh Dickins , Jann Horn , Khalid Aziz , Linux API , "open list:KERNEL SELFTEST FRAMEWORK" , Linux-MM , marcandre.lureau@redhat.com, Matthew Wilcox , Mike Kravetz , Shuah Khan Subject: Re: [PATCH -next 1/2] mm/memfd: make F_SEAL_FUTURE_WRITE seal more robust Message-Id: <20181124164229.89c670b6e7a3530ef7b0a40c@linux-foundation.org> In-Reply-To: <20181122230906.GA198127@google.com> References: <20181120052137.74317-1-joel@joelfernandes.org> <20181120183926.GA124387@google.com> <20181121070658.011d576d@canb.auug.org.au> <469B80CB-D982-4802-A81D-95AC493D7E87@amacapital.net> <20181120204710.GB22801@google.com> <20181120211335.GC22801@google.com> <20181121182701.0d8a775fda6af1f8d2be8f25@linux-foundation.org> <20181122230906.GA198127@google.com> X-Mailer: Sylpheed 3.5.1 (GTK+ 2.24.31; x86_64-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 22 Nov 2018 15:09:06 -0800 Joel Fernandes wrote: > Android uses ashmem for sharing memory regions. We are looking forward to > migrating all usecases of ashmem to memfd so that we can possibly remove > the ashmem driver in the future from staging while also benefiting from > using memfd and contributing to it. Note staging drivers are also not ABI > and generally can be removed at anytime. > > One of the main usecases Android has is the ability to create a region and > mmap it as writeable, then add protection against making any "future" > writes while keeping the existing already mmap'ed writeable-region active. > This allows us to implement a usecase where receivers of the shared > memory buffer can get a read-only view, while the sender continues to > write to the buffer. See CursorWindow documentation in Android for more > details: > https://developer.android.com/reference/android/database/CursorWindow > > This usecase cannot be implemented with the existing F_SEAL_WRITE seal. > To support the usecase, this patch adds a new F_SEAL_FUTURE_WRITE seal > which prevents any future mmap and write syscalls from succeeding while > keeping the existing mmap active. > > A better way to do F_SEAL_FUTURE_WRITE seal was discussed [1] last week > where we don't need to modify core VFS structures to get the same > behavior of the seal. This solves several side-effects pointed by Andy. > self-tests are provided in later patch to verify the expected semantics. > > [1] https://lore.kernel.org/lkml/20181111173650.GA256781@google.com/ This changelog doesn't have the nifty test case code which was in earlier versions?