Re: [PATCH 0/3] userfaultfd: allow to forbid unprivileged users
From: Peter Xu
Date: Tue Mar 12 2019 - 08:43:19 EST
Hi, Kirill,
On Tue, Mar 12, 2019 at 10:49:51AM +0300, Kirill A. Shutemov wrote:
> On Mon, Mar 11, 2019 at 05:36:58PM +0800, Peter Xu wrote:
> > Hi,
> >
> > (The idea comes from Andrea, and following discussions with Mike and
> > other people)
> >
> > This patchset introduces a new sysctl flag to allow the admin to
> > forbid users from using userfaultfd:
> >
> > $ cat /proc/sys/vm/unprivileged_userfaultfd
> > [disabled] enabled kvm
>
> CC linux-api@
>
> This is unusual way to return current value for sysctl. Does it work fine
> with sysctl tool?
It can work, though it displays the same as "cat":
$ sysctl vm.unprivileged_userfaultfd
vm.unprivileged_userfaultfd = disabled enabled [kvm]
>
> Have you considered to place the switch into /sys/kernel/mm instead?
> I doubt it's the last tunable for userfaultfd. Maybe we should have an
> directory for it under /sys/kernel/mm?
I haven't thought about sysfs, if that's preferred I can consider to
switch to that. And yes I think creating a directory should be a good
idea.
Thanks,
--
Peter Xu