Hello, This patchset builds upon the memfd_restricted() system call that was discussed in the ‘KVM: mm: fd-based approach for supporting KVM’ patch series, at https://lore.kernel.org/lkml/20221202061347.1070246-1-chao.p.p...@linux.intel.com/T/
The tree can be found at: https://github.com/googleprodkernel/linux-cc/tree/restrictedmem-provide-mount-fd-rfc-v3 In this patchset, a modification to the memfd_restricted() syscall is proposed, which allows userspace to provide a mount, on which the restrictedmem file will be created and returned from the memfd_restricted(). Allowing userspace to provide a mount allows userspace to control various memory binding policies via tmpfs mount options, such as Transparent HugePage memory allocation policy through ‘huge=always/never’ and NUMA memory allocation policy through ‘mpol=local/bind:*’. Changes since RFCv2: + Tightened semantics to accept only fds of the root of a tmpfs mount, as Christian suggested + Added permissions check on the inode represented by the fd to guard against creation of restrictedmem files on read-only tmpfs filesystems or mounts + Renamed RMFD_TMPFILE to RMFD_USERMNT to better represent providing a userspace mount to create a restrictedmem file on + Updated selftests for tighter semantics and added selftests to check for permissions Changes since RFCv1: + Use fd to represent mount instead of path string, as Kirill suggested. I believe using fds makes this syscall interface more aligned with the other syscalls like fsopen(), fsconfig(), and fsmount() in terms of using and passing around fds + Remove unused variable char *orig_shmem_enabled from selftests Dependencies: + Sean’s iteration of the ‘KVM: mm: fd-based approach for supporting KVM’ patch series at https://github.com/sean-jc/linux/tree/x86/upm_base_support + Proposed fixes for these issues mentioned on the mailing list: + https://lore.kernel.org/lkml/diqzzga0fv96....@ackerleytng-cloudtop-sg.c.googlers.com/ Links to earlier patch series: + RFC v2: https://lore.kernel.org/lkml/cover.1679428901.git.ackerley...@google.com/T/ + RFC v1: https://lore.kernel.org/lkml/cover.1676507663.git.ackerley...@google.com/T/ --- Ackerley Tng (2): mm: restrictedmem: Allow userspace to specify mount for memfd_restricted selftests: restrictedmem: Check hugepage-ness of shmem file backing restrictedmem fd include/linux/syscalls.h | 2 +- include/uapi/linux/restrictedmem.h | 8 + mm/restrictedmem.c | 74 ++- tools/testing/selftests/Makefile | 1 + .../selftests/restrictedmem/.gitignore | 3 + .../testing/selftests/restrictedmem/Makefile | 15 + .../testing/selftests/restrictedmem/common.c | 9 + .../testing/selftests/restrictedmem/common.h | 8 + .../restrictedmem_hugepage_test.c | 486 ++++++++++++++++++ 9 files changed, 599 insertions(+), 7 deletions(-) create mode 100644 include/uapi/linux/restrictedmem.h create mode 100644 tools/testing/selftests/restrictedmem/.gitignore create mode 100644 tools/testing/selftests/restrictedmem/Makefile create mode 100644 tools/testing/selftests/restrictedmem/common.c create mode 100644 tools/testing/selftests/restrictedmem/common.h create mode 100644 tools/testing/selftests/restrictedmem/restrictedmem_hugepage_test.c -- 2.40.0.348.gf938b09366-goog
