From: Peter Xu <peterx@redhat.com>
To: Nadav Amit <nadav.amit@gmail.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
linux-mm@kvack.org, linux-kernel@vger.kernel.org,
Nadav Amit <namit@vmware.com>,
Andrea Arcangeli <aarcange@redhat.com>,
Mike Rapoport <rppt@linux.vnet.ibm.com>
Subject: Re: [RFC PATCH] userfaultfd: support control over mm of remote PIDs
Date: Wed, 13 Oct 2021 10:18:50 +0800 [thread overview]
Message-ID: <YWZCClDorCCM7KMG@t490s> (raw)
In-Reply-To: <20210926170637.245699-1-namit@vmware.com>
On Sun, Sep 26, 2021 at 10:06:37AM -0700, Nadav Amit wrote:
> From: Nadav Amit <namit@vmware.com>
>
> Non-cooperative mode is useful but only for forked processes.
> Userfaultfd can be useful to monitor, debug and manage memory of remote
> processes.
>
> To support this mode, add a new flag, UFFD_REMOTE_PID, and an optional
> second argument to the userfaultfd syscall. When the flag is set, the
> second argument is assumed to be the PID of the process that is to be
> monitored. Otherwise the flag is ignored.
>
> The syscall enforces that the caller has CAP_SYS_PTRACE to prevent
> misuse of this feature.
>
> Cc: Andrea Arcangeli <aarcange@redhat.com>
> Cc: Andrew Morton <akpm@linux-foundation.org>
> Cc: Mike Rapoport <rppt@linux.vnet.ibm.com>
> Cc: Peter Xu <peterx@redhat.com>
> Signed-off-by: Nadav Amit <namit@vmware.com>
I think this patch from one pov looks just likes the other patch of the
process_madvise on DONTNEED - the new interface definitely opens new way to do
things, however IMHO it would be great to discuss some detailed scenario that
we can do with it better than the existing facilities.
The thing is uffd already provides some mechanism for doing things like
customized swapping, so that's not something new IMHO that this patch brings
(neither is what the DONTNEED patch brings), just like when I raised in the
other thread about umap.
So IMHO it'll be great if there can be some elaboration on how the "remote"
capability could help us do things better (e.g., use cases that we may not
solve with linking against another uffd-supported library, or we can't do with
register uffd then fork()).
(I skipped the security side of things, as I replied in the other thread that I
think I buy in your point on depending on PTRACE capability and also the
examples you gave on ptrace() and process_vm_writev() are persuasive to me,
but no expert on that..)
Thanks,
--
Peter Xu
next prev parent reply other threads:[~2021-10-13 2:19 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-26 17:06 Nadav Amit
2021-09-27 9:29 ` David Hildenbrand
2021-09-27 10:19 ` Nadav Amit
2021-09-27 17:06 ` David Hildenbrand
2021-09-27 20:08 ` Nadav Amit
2021-09-27 20:11 ` David Hildenbrand
2021-10-13 2:18 ` Peter Xu [this message]
2021-10-13 16:02 ` Nadav Amit
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YWZCClDorCCM7KMG@t490s \
--to=peterx@redhat.com \
--cc=aarcange@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=nadav.amit@gmail.com \
--cc=namit@vmware.com \
--cc=rppt@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox