From: Mike Kravetz <mike.kravetz@oracle.com>
To: Rik van Riel <riel@redhat.com>,
Florian Weimer <fweimer@redhat.com>,
linux-kernel@vger.kernel.org
Cc: linux-mm@kvack.org, colm@allcosts.net, akpm@linux-foundation.org,
keescook@chromium.org, luto@amacapital.net, wad@chromium.org,
mingo@kernel.org, kirill@shutemov.name, dave.hansen@intel.com
Subject: Re: [PATCH v2 0/2] mm,fork,security: introduce MADV_WIPEONFORK
Date: Tue, 8 Aug 2017 08:19:48 -0700 [thread overview]
Message-ID: <0324df31-717d-32c1-95ef-351c5b23105f@oracle.com> (raw)
In-Reply-To: <1502198148.6577.18.camel@redhat.com>
On 08/08/2017 06:15 AM, Rik van Riel wrote:
> On Tue, 2017-08-08 at 11:58 +0200, Florian Weimer wrote:
>> On 08/07/2017 08:23 PM, Mike Kravetz wrote:
>>> If my thoughts above are correct, what about returning EINVAL if
>>> one
>>> attempts to set MADV_DONTFORK on mappings set up for sharing?
>>
>> That's my preference as well. If there is a use case for shared or
>> non-anonymous mappings, then we can implement MADV_DONTFORK with the
>> semantics for this use case. If we pick some arbitrary semantics
>> now,
>> without any use case, we might end up with something that's not
>> actually
>> useful.
>
> MADV_DONTFORK is existing semantics, and it is enforced
> on shared, non-anonymous mappings. It is frequently used
> for things like device mappings, which should not be
> inherited by a child process, because the device can only
> be used by one process at a time.
>
> When someone requests MADV_DONTFORK on a shared VMA, they
> will get it. The later madvise request overrides the mmap
> flags that were used earlier.
>
> The question is, should MADV_WIPEONFORK (introduced by
> this series) have not just different semantics, but also
> totally different behavior from MADV_DONTFORK?
Sorry for the confusion. I accidentally used MADV_DONTFORK instead
of MADV_WIPEONFORK in my reply (which Florian commented on).
> Does the principle of least surprise dictate that the
> last request determines the policy on an area, or should
> later requests not be able to override policy that was
> set at mmap time?
That is the question.
The other question I was trying to bring up is "What does MADV_WIPEONFORK
mean for various types of mappings?" For example, if we allow
MADV_WIPEONFORK on a file backed mapping what does that mapping look
like in the child after fork? Does it have any connection at all to the
file? Or, do we drop all references to the file and essentially transform
it to a private (or shared?) anonymous mapping after fork. What about
System V shared memory? What about hugetlb?
If the use case is fairly specific, then perhaps it makes sense to
make MADV_WIPEONFORK not applicable (EINVAL) for mappings where the
result is 'questionable'.
--
Mike Kravetz
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2017-08-08 15:20 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-06 14:04 riel
2017-08-06 14:04 ` [PATCH 1/2] x86,mpx: make mpx depend on x86-64 to free up VMA flag riel
2017-08-06 14:04 ` [PATCH 2/2] mm,fork: introduce MADV_WIPEONFORK riel
2017-08-10 15:23 ` Michal Hocko
2017-08-11 15:23 ` Rik van Riel
2017-08-11 16:36 ` Mike Kravetz
2017-08-11 16:59 ` Rik van Riel
2017-08-11 17:07 ` Mike Kravetz
2017-08-07 13:22 ` [PATCH v2 0/2] mm,fork,security: " Michal Hocko
2017-08-07 13:46 ` Michal Hocko
2017-08-07 14:19 ` Florian Weimer
2017-08-10 13:06 ` Michal Hocko
2017-08-07 14:59 ` Rik van Riel
2017-08-09 9:59 ` Kirill A. Shutemov
2017-08-09 12:31 ` Rik van Riel
2017-08-09 12:42 ` Florian Weimer
2017-08-10 13:05 ` Michal Hocko
2017-08-10 13:23 ` Colm MacCárthaigh
2017-08-10 15:36 ` Michal Hocko
2017-08-10 16:17 ` Colm MacCárthaigh
2017-08-10 17:01 ` Michal Hocko
2017-08-10 22:09 ` Colm MacCárthaigh
2017-08-11 14:06 ` Michal Hocko
2017-08-11 14:11 ` Florian Weimer
2017-08-11 14:24 ` Michal Hocko
2017-08-11 15:24 ` Florian Weimer
2017-08-11 15:31 ` Michal Hocko
2017-08-07 15:55 ` Colm MacCárthaigh
2017-08-10 13:21 ` Michal Hocko
2017-08-10 14:11 ` Michal Hocko
2017-08-07 18:23 ` Mike Kravetz
2017-08-08 9:58 ` Florian Weimer
2017-08-08 13:15 ` Rik van Riel
2017-08-08 15:19 ` Mike Kravetz [this message]
2017-08-08 15:22 ` Florian Weimer
2017-08-08 15:46 ` Rik van Riel
2017-08-08 16:48 ` Colm MacCárthaigh
2017-08-08 16:52 ` Matthew Wilcox
2017-08-08 18:45 ` Rik van Riel
2017-08-10 15:31 ` Michal Hocko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0324df31-717d-32c1-95ef-351c5b23105f@oracle.com \
--to=mike.kravetz@oracle.com \
--cc=akpm@linux-foundation.org \
--cc=colm@allcosts.net \
--cc=dave.hansen@intel.com \
--cc=fweimer@redhat.com \
--cc=keescook@chromium.org \
--cc=kirill@shutemov.name \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@amacapital.net \
--cc=mingo@kernel.org \
--cc=riel@redhat.com \
--cc=wad@chromium.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox