[PATCH 3/6] mm: introduce secretmemfd system call to create "secret" memory areas
arnd at arndb.de
Mon Jul 20 07:30:13 EDT 2020
On Mon, Jul 20, 2020 at 11:25 AM Mike Rapoport <rppt at kernel.org> wrote:
> From: Mike Rapoport <rppt at linux.ibm.com>
> Introduce "secretmemfd" system call with the ability to create memory areas
> visible only in the context of the owning process and not mapped not only
> to other processes but in the kernel page tables as well.
> The user will create a file descriptor using the secretmemfd system call
> where flags supplied as a parameter to this system call will define the
> desired protection mode for the memory associated with that file
> descriptor. Currently there are two protection modes:
> * exclusive - the memory area is unmapped from the kernel direct map and it
> is present only in the page tables of the owning mm.
> * uncached - the memory area is present only in the page tables of the
> owning mm and it is mapped there as uncached.
> For instance, the following example will create an uncached mapping (error
> handling is omitted):
> fd = secretmemfd(SECRETMEM_UNCACHED);
> ftruncate(fd, MAP_SIZE);
> ptr = mmap(NULL, MAP_SIZE, PROT_READ | PROT_WRITE, MAP_SHARED,
> fd, 0);
> Signed-off-by: Mike Rapoport <rppt at linux.ibm.com>
I wonder if this should be more closely related to dmabuf file
are already used for a similar purpose: sharing access to secret memory areas
that are not visible to the OS but can be shared with hardware through device
drivers that can import a dmabuf file descriptor.
More information about the linux-riscv