Received: by 2002:a05:6a10:a852:0:0:0:0 with SMTP id d18csp706518pxy; Wed, 5 May 2021 11:44:10 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyYKdHF3HDSVxwXWyxmDTLVPn59QUDIDTtQEjBv8JyrHeuX1DJdp8JVy2Md0xSlVjca5EIz X-Received: by 2002:a17:906:f0d1:: with SMTP id dk17mr202614ejb.256.1620240250395; Wed, 05 May 2021 11:44:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1620240250; cv=none; d=google.com; s=arc-20160816; b=KxCbKsd3mY+KP+PHEAeaBTUoLmqco/2ukcrWLRS3O04XS6cT1rU9gCoi7VyKnhuQD/ rUbI7ZMYNR2i+PBBDKq2276/v10qyIeFeiVJtvx6PzCAT/U89dYpLlJjulnRJBD9xqD1 crF7hoh/aZoQinY1W6Np4BOCa0CaaaEINDGoBvCMyxWsEoeay4v+ojDesDWOpUQU6tkD y0iuf7Im4ZxyjrCy0W2QUY/8ozbZVoBRf9VQoKSSQBNYdFLexSFvqpTGQgF5xC96THJx WzkXXgWvSZJ3lg4cgxjQmEt3DVho6Ob/GrTFXFHTS5m0RHtsPDKZ+/3z5O8ZdeUKLjZI FukA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=ZtVgorg1zZS8VLz6ZkmKBwpxdrKeM7t+NX3g8df9hyo=; b=dm7N6BRsZLKpwyveIUdBLChgAbpDF2vhDELbGJbPFxT/3t1Ccp/KeDthxG26IuAumO 7n8L+FP+HhK2no3eG/dpoLGepRKV6+d+PS5CcuApjcmCMmuEG9C38wdYX8mcCrdpsgTQ ZhcXlhj+T9e4xg9wdJzEbsSpdCeTSovCX6sZFcaSf++dYLpPeJOWYszq1fG2qSQlaogN NGFfsLYy7776aD7bHUK5Fc+ScgDbyOzq8rPAmeRsqNT1dEtN5OtzpF+EJOO4mwiVvY0g hhrlw/ulDoaZkymgCPFhzjGouIZQjdhE5NADUXXkwgyauYXcJozoDvC1zmfmHwE8XgJF GkEw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b="fi/t3Bnt"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id q18si128718ejs.509.2021.05.05.11.43.46; Wed, 05 May 2021 11:44:10 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b="fi/t3Bnt"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234553AbhEESnh (ORCPT + 99 others); Wed, 5 May 2021 14:43:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38624 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234140AbhEESnf (ORCPT ); Wed, 5 May 2021 14:43:35 -0400 Received: from mail-lj1-x229.google.com (mail-lj1-x229.google.com [IPv6:2a00:1450:4864:20::229]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D8AC6C061574 for ; Wed, 5 May 2021 11:42:37 -0700 (PDT) Received: by mail-lj1-x229.google.com with SMTP id p12so3813059ljg.1 for ; Wed, 05 May 2021 11:42:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ZtVgorg1zZS8VLz6ZkmKBwpxdrKeM7t+NX3g8df9hyo=; b=fi/t3BnthT3poNXreQ6uLoaV03s0lm1WWZczRRqTuTs3qxP9jJknjHU5ah47WMVazy MN9JWJuif6XkC1SfR6fZSi7FSYJLDZq9P3hTTF9ZtARuYc5NrhmjVxCzcdP5g8CpAXNN QhkKSS62haSnoPmNyChnQ6bDHRBGTumBek7TE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ZtVgorg1zZS8VLz6ZkmKBwpxdrKeM7t+NX3g8df9hyo=; b=nD7Cor8xhwZEUNGOWlQN9jOX7+WYiLJ7e8b3G1+bYhFoBqDuHNPsafAS0ZWvt+OqqO hbU3QPg7t2uIOFcTCQ+VYkO4OMXEktYbO/CqfosWaAP3l1fZ5L2xfBWsnfQjvmO+S+KQ R09V22s1BcJ2mgsup+qlqAkOI/D9k3X8G7lNOLlWNH+g9v5UkbsrK/PAA+9sy+oQUsQd AaRjmKYVZyM5xpH/XSABFpptZeRh316HjLuBSPBufoDiytjfEYDwqESw/0suz/YzOair jtKWIsEBkPYyJh3AnvAmiV4l8IxI0ge4ySvo1T0DQ72AHHSxhjEzVajzK6ywkYb3xoNC cPrw== X-Gm-Message-State: AOAM530KiwONiq9YeBDrnBxgYy2x2MKu/B+ROMHbc9PNykxE72+pMl1R +3R12DwCyGWSGj8icNXFPirUXCLY5wZg/39Jrbs= X-Received: by 2002:a05:651c:106a:: with SMTP id y10mr182128ljm.470.1620240155854; Wed, 05 May 2021 11:42:35 -0700 (PDT) Received: from mail-lj1-f177.google.com (mail-lj1-f177.google.com. [209.85.208.177]) by smtp.gmail.com with ESMTPSA id u25sm7729ljo.60.2021.05.05.11.42.33 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 05 May 2021 11:42:34 -0700 (PDT) Received: by mail-lj1-f177.google.com with SMTP id v5so3763283ljg.12 for ; Wed, 05 May 2021 11:42:33 -0700 (PDT) X-Received: by 2002:a05:651c:3de:: with SMTP id f30mr161074ljp.251.1620240153569; Wed, 05 May 2021 11:42:33 -0700 (PDT) MIME-Version: 1.0 References: <20210429154807.hptls4vnmq2svuea@box> <20210429183836.GF8339@xz-x1> In-Reply-To: From: Linus Torvalds Date: Wed, 5 May 2021 11:42:17 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Sealed memfd & no-fault mmap To: Simon Ser Cc: Peter Xu , "Kirill A. Shutemov" , Matthew Wilcox , Dan Williams , "Kirill A. Shutemov" , Will Deacon , Linux Kernel Mailing List , David Herrmann , "linux-mm@kvack.org" , Greg Kroah-Hartman , "tytso@mit.edu" Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, May 5, 2021 at 3:21 AM Simon Ser wrote: > > > > Is there some very specific and targeted pattern for that "shared > > mapping" case? For example, if it's always a shared anonymous mapping > > with no filesystem backing, then that would possibly be a simpler case > > than the "random arbitrary shared file descriptor". > > Yes. I don't know of any Wayland client using buffers with real > filesystem backing. I think the main cases are: > > - shm_open(3) immediately followed by shm_unlink(3). On Linux, this is > implemented with /dev/shm which is a tmpfs. > - Abusing /tmp or /run's tmpfs by creating a file there and unlinking > it immediately afterwards. Kind of similar to the first case. > - memfd_create(2) on Linux. > > Is this enough to make it work on shared memory mappings? Is it > important that the mapping is anonymous? All of those should be anonymous in the sense that the backing store is all the kernel's notion of anonymous pages, and there is no actual file backing. The mappings may then be shared, of course. So that does make Peter's idea to have some inode flag for "don't SIGBUS on fault" be more reasonable, because there isn't some random actual filesystem involved, only the core VM layer. I'm not going to write the patch, though, but maybe you can convince somebody else to try it.. Linus