Re: [PATCH v5 3/5] mm: introduce memfd_secret system call to create "secret" memory areas

From: Randy Dunlap
Date: Wed Sep 16 2020 - 17:07:41 EST


Hi Mike,


On 9/16/20 12:35 AM, Mike Rapoport wrote:
> From: Mike Rapoport <rppt@xxxxxxxxxxxxx>
>
>
> Signed-off-by: Mike Rapoport <rppt@xxxxxxxxxxxxx>
> ---
> arch/Kconfig | 7 +
> arch/x86/Kconfig | 1 +
> include/uapi/linux/magic.h | 1 +
> include/uapi/linux/secretmem.h | 8 +
> kernel/sys_ni.c | 2 +
> mm/Kconfig | 4 +
> mm/Makefile | 1 +
> mm/secretmem.c | 264 +++++++++++++++++++++++++++++++++
> 8 files changed, 288 insertions(+)
> create mode 100644 include/uapi/linux/secretmem.h
> create mode 100644 mm/secretmem.c
>
> diff --git a/arch/Kconfig b/arch/Kconfig
> index af14a567b493..8d161bd4142d 100644
> --- a/arch/Kconfig
> +++ b/arch/Kconfig
> @@ -975,6 +975,13 @@ config HAVE_SPARSE_SYSCALL_NR
> config ARCH_HAS_VDSO_DATA
> bool
>
> +config HAVE_SECRETMEM_UNCACHED
> + bool
> + help
> + An architecture can select this if its semantics of non-cached
> + mappings can be used to prevent speculative loads and it is
> + useful for secret protection.

Please use tabs instead of spaces for indentation.

> +
> source "kernel/gcov/Kconfig"
>
> source "scripts/gcc-plugins/Kconfig"
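
Review bot: The help text for HAVE_SECRETMEM_UNCACHED says when an architecture may select the symbol, but not what selecting it turns on. The clause "and it is useful for secret protection" does not tell a reader which behaviour depends on this option. Suggest naming the feature that uses the non-cached mappings and wording the condition as a requirement on the architecture, namely that its non-cached mappings prevent speculative loads.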

> diff --git a/mm/Kconfig b/mm/Kconfig
> index 6c974888f86f..70cfc20d7caa 100644
> --- a/mm/Kconfig
> +++ b/mm/Kconfig
> @@ -868,4 +868,8 @@ config ARCH_HAS_HUGEPD
> config MAPPING_DIRTY_HELPERS
> bool
>
> +config SECRETMEM
> + def_bool ARCH_HAS_SET_DIRECT_MAP && !EMBEDDED

Use tab above for indentation.

> + select GENERIC_ALLOCATOR
> +
> endmenu
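
Review bot: config SECRETMEM has neither a prompt nor help text, so with "def_bool ARCH_HAS_SET_DIRECT_MAP && !EMBEDDED" it is enabled automatically wherever that expression holds and cannot be switched off on its own. The !EMBEDDED term is also unexplained in this hunk. Suggest a comment above the entry stating why embedded configurations are excluded, and consider giving the option a prompt and help text so that it can be disabled where the feature is not wanted.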


thanks.
--
~Randy