From: Matthew Wilcox <willy@infradead.org>
To: Steven Sistare <steven.sistare@oracle.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>,
Anthony Yznaga <anthony.yznaga@oracle.com>,
linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-mm@kvack.org, linux-arch@vger.kernel.org,
mhocko@kernel.org, tglx@linutronix.de, mingo@redhat.com,
bp@alien8.de, x86@kernel.org, hpa@zytor.com,
viro@zeniv.linux.org.uk, akpm@linux-foundation.org,
arnd@arndb.de, keescook@chromium.org, gerg@linux-m68k.org,
ktkhai@virtuozzo.com, christian.brauner@ubuntu.com,
peterz@infradead.org, esyr@redhat.com, jgg@ziepe.ca,
christian@kellner.me, areber@redhat.com, cyphar@cyphar.com
Subject: Re: [RFC PATCH 0/5] madvise MADV_DOEXEC
Date: Fri, 31 Jul 2020 18:23:37 +0100 [thread overview]
Message-ID: <20200731172337.GQ23808@casper.infradead.org> (raw)
In-Reply-To: <9ba26063-0098-e796-9431-8c1d0c076ffc@oracle.com>
On Fri, Jul 31, 2020 at 12:11:52PM -0400, Steven Sistare wrote:
> On 7/31/2020 11:27 AM, Matthew Wilcox wrote:
> > On Fri, Jul 31, 2020 at 10:57:44AM -0400, Steven Sistare wrote:
> >> Matthews sileby/mshare proposal has the same issue. If a process opts-in
> >> and mmap's an address in the shared region, then content becomes mapped at
> >> a VA that was known to the pre-fork or pre-exec process. Trust must still
> >> be established.
> >
> > It's up to the recipient whether they try to map it at the same address
> > or at a fresh address. The intended use case is a "semi-shared" address
> > space between two processes (ie partway between a threaded, fully-shared
> > address space and a forked un-shared address space), in which case
> > there's a certain amount of trust and cooperation between the processes.
>
> Understood, but if the recipient does map at any of the same, which is the whole
> point because you want to share the page table. The trust relationship is no
> different than for the live update case.
You don't have to map at the same address to share the page tables.
For example, on x86 if you share an 8GB region, that must be aligned at
1GB in both the donor and the recipient, but they need not be mapped at
the same address.
> > It's a net increase of 200 lines of kernel code. If 4 lines of userspace
> > code removes 200 lines of kernel code, I think I know which I prefer ...
>
> It will be *far* more than 4 lines.
> Much of the 200 lines is mostly for the elf opt in, and much of the elf code is from
> anthony reviving an earlier patch that use MAP_FIXED_NOREPLACE during segment setup.
It doesn't really matter how much of it is for the opt-in and how much
is for the exec path itself. The MAP_FIXED_NOREPLACE patch is only net
+16 lines, so that's not the problem.
next prev parent reply other threads:[~2020-07-31 17:23 UTC|newest]
Thread overview: 74+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-27 17:11 [RFC PATCH 0/5] madvise MADV_DOEXEC Anthony Yznaga
2020-07-27 17:07 ` Eric W. Biederman
2020-07-27 18:00 ` Steven Sistare
2020-07-28 13:40 ` Christian Brauner
2020-07-27 17:11 ` [RFC PATCH 1/5] elf: reintroduce using MAP_FIXED_NOREPLACE for elf executable mappings Anthony Yznaga
2020-07-27 17:11 ` [RFC PATCH 2/5] mm: do not assume only the stack vma exists in setup_arg_pages() Anthony Yznaga
2020-07-27 17:11 ` [RFC PATCH 3/5] mm: introduce VM_EXEC_KEEP Anthony Yznaga
2020-07-28 13:38 ` Eric W. Biederman
2020-07-28 17:44 ` Anthony Yznaga
2020-07-29 13:52 ` Kirill A. Shutemov
2020-07-29 23:20 ` Anthony Yznaga
2020-07-27 17:11 ` [RFC PATCH 4/5] exec, elf: require opt-in for accepting preserved mem Anthony Yznaga
2020-07-27 17:11 ` [RFC PATCH 5/5] mm: introduce MADV_DOEXEC Anthony Yznaga
2020-07-28 13:22 ` Kirill Tkhai
2020-07-28 14:06 ` Steven Sistare
2020-07-28 11:34 ` [RFC PATCH 0/5] madvise MADV_DOEXEC Kirill Tkhai
2020-07-28 17:28 ` Anthony Yznaga
2020-07-28 14:23 ` Andy Lutomirski
2020-07-28 14:30 ` Steven Sistare
2020-07-30 15:22 ` Matthew Wilcox
2020-07-30 15:27 ` Christian Brauner
2020-07-30 15:34 ` Matthew Wilcox
2020-07-30 15:54 ` Christian Brauner
2020-07-31 9:12 ` Stefan Hajnoczi
2020-07-30 15:59 ` Steven Sistare
2020-07-30 17:12 ` Matthew Wilcox
2020-07-30 17:35 ` Steven Sistare
2020-07-30 17:49 ` Matthew Wilcox
2020-07-30 18:27 ` Steven Sistare
2020-07-30 21:58 ` Eric W. Biederman
2020-07-31 14:57 ` Steven Sistare
2020-07-31 15:27 ` Matthew Wilcox
2020-07-31 16:11 ` Steven Sistare
2020-07-31 16:56 ` Jason Gunthorpe
2020-07-31 17:15 ` Steven Sistare
2020-07-31 17:48 ` Jason Gunthorpe
2020-07-31 17:55 ` Steven Sistare
2020-07-31 17:23 ` Matthew Wilcox [this message]
2020-08-03 15:28 ` Eric W. Biederman
2020-08-03 15:42 ` James Bottomley
2020-08-03 20:03 ` Steven Sistare
[not found] ` <9371b8272fd84280ae40b409b260bab3@AcuMS.aculab.com>
2020-08-04 11:13 ` Matthew Wilcox
2020-08-03 19:29 ` Steven Sistare
2020-07-31 19:41 ` Steven Sistare
2021-07-08 9:52 ` Longpeng (Mike, Cloud Infrastructure Service Product Dept.)
2021-07-08 12:48 ` Steven Sistare
2021-07-12 1:05 ` Longpeng (Mike, Cloud Infrastructure Service Product Dept.)
2021-07-12 1:30 ` Matthew Wilcox
2021-07-13 0:57 ` Longpeng (Mike, Cloud Infrastructure Service Product Dept.)
2021-08-13 19:49 ` Khalid Aziz
2021-08-14 20:07 ` David Laight
2021-08-16 0:26 ` Longpeng (Mike, Cloud Infrastructure Service Product Dept.)
2021-08-16 8:07 ` David Laight
2021-08-16 6:54 ` Longpeng (Mike, Cloud Infrastructure Service Product Dept.)
2021-08-16 8:02 ` David Hildenbrand
2021-08-16 12:07 ` Matthew Wilcox
2021-08-16 12:20 ` David Hildenbrand
2021-08-16 12:42 ` David Hildenbrand
2021-08-16 12:46 ` Matthew Wilcox
2021-08-16 13:24 ` David Hildenbrand
2021-08-16 13:32 ` Matthew Wilcox
2021-08-16 14:10 ` David Hildenbrand
2021-08-16 14:27 ` Matthew Wilcox
2021-08-16 14:33 ` David Hildenbrand
2021-08-16 14:40 ` Matthew Wilcox
2021-08-16 15:01 ` David Hildenbrand
2021-08-16 15:59 ` Matthew Wilcox
2021-08-16 16:06 ` Khalid Aziz
2021-08-16 16:15 ` Matthew Wilcox
2021-08-16 16:13 ` David Hildenbrand
2021-08-16 12:27 ` [private] " David Hildenbrand
2021-08-16 12:30 ` David Hildenbrand
2021-08-17 0:47 ` Longpeng (Mike, Cloud Infrastructure Service Product Dept.)
2021-08-17 0:55 ` Matthew Wilcox
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200731172337.GQ23808@casper.infradead.org \
--to=willy@infradead.org \
--cc=akpm@linux-foundation.org \
--cc=anthony.yznaga@oracle.com \
--cc=areber@redhat.com \
--cc=arnd@arndb.de \
--cc=bp@alien8.de \
--cc=christian.brauner@ubuntu.com \
--cc=christian@kellner.me \
--cc=cyphar@cyphar.com \
--cc=ebiederm@xmission.com \
--cc=esyr@redhat.com \
--cc=gerg@linux-m68k.org \
--cc=hpa@zytor.com \
--cc=jgg@ziepe.ca \
--cc=keescook@chromium.org \
--cc=ktkhai@virtuozzo.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mhocko@kernel.org \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=steven.sistare@oracle.com \
--cc=tglx@linutronix.de \
--cc=viro@zeniv.linux.org.uk \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).