Re: [PATCH v3 0/7] File Sealing & memfd_create()
From: Florian Weimer
Date: Tue Jun 17 2014 - 08:14:04 EST
On 06/17/2014 12:10 PM, David Herrmann wrote:
The file might have holes, therefore, you'd have to allocate backing
pages. This might hit a soft-limit and fail. To avoid this, use
fallocate() to allocate pages prior to mmap()
This does not work because the consuming side does not know how the
descriptor was set up if sealing does not imply that.
The consuming side has to very seals via F_GET_SEALS. After that, it
shall do a simple fallocate() on the whole file if it wants to go sure
that all pages are allocated. Why shouldn't that be possible? Please
elaborate.
Hmm. You permit general fallocate even for WRITE seals. That's really
unexpected.
The inode_newsize_ok check in shmem_fallocate can result in SIGXFSZ,
which doesn't seem to be what's intended here.
Will the new pages attributed to the process calling fallocate, or to
the process calling memfd_create?
--
Florian Weimer / Red Hat Product Security Team
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/