From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8D071C433B4 for ; Fri, 7 May 2021 07:35:56 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 6BA286141B for ; Fri, 7 May 2021 07:35:56 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235390AbhEGHgy (ORCPT ); Fri, 7 May 2021 03:36:54 -0400 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:58472 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235365AbhEGHgv (ORCPT ); Fri, 7 May 2021 03:36:51 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1620372951; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=YRLhFcul/s0bAb0h6pwheuix10YVXJYp5em6Jk4RpTY=; b=LKQ8IWaBht40hQ37zGhiXWlx+x+Dj6an1dgqmq+UDQ3Msuggv1C2b3TezDAWLG/j28CUxx SYtxDjtmTeLa6lateTlt99a9Vpwn/iZBxnYdboXBfMzDsZa4lqARUwn76xIegra1nQR16K nHeDtHsZAN4JgiRXzfUjQ3eqptexoS4= Received: from mail-ed1-f71.google.com (mail-ed1-f71.google.com [209.85.208.71]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-207-z-pPCGMoMGWPcAb9gz833A-1; Fri, 07 May 2021 03:35:49 -0400 X-MC-Unique: z-pPCGMoMGWPcAb9gz833A-1 Received: by mail-ed1-f71.google.com with SMTP id u30-20020a50a41e0000b0290385504d6e4eso4017179edb.7 for ; Fri, 07 May 2021 00:35:49 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:cc:references:from:organization:subject :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=YRLhFcul/s0bAb0h6pwheuix10YVXJYp5em6Jk4RpTY=; b=QP5mTomZ8qLxtwh49++0789jis7psApAzTHYBXpShuSdmKL0erxiZk/SS+7VyTYlXa JovVzlV3wiMk6xRLlOcNBH8is2DP42aM3m3Pv/PVQiNP9kilxwB50u+/6OmJWwdRPZFj tdlZa/GDBwVJB/bcXklDnT9jGxP7d9r7wDsUjN3z40x4tj0UpdIDV//gtIowX25XMGVe XB+fzIgLMUqk1aTgdvflgs69ERiQvAKsVJY4NUTQZmqx8MHUOZGwsWwtCgaV+d473OE4 Jco8NsdJJQ8QuAQyPElh7qC4jDD+9Lwof2MykfB+zUuSa08hkGfNL6OBvZ7E8mpmOPNL Q+oQ== X-Gm-Message-State: AOAM5311dwhpYgeyq6VTFJyGl8zQ/OSgP+HiyPeCGEMTSlE2vzc5NRXG ImnWqH4/A3dB1r+ZRkpf0UgsUtMlpXs3c1bNbUlIcMWRHNAJZV9NnGs48zl8qRwMKEaZlBUPw9O TKzKyebcPK8nIrY0Dn6MUzd2E X-Received: by 2002:a17:907:174a:: with SMTP id lf10mr8861617ejc.433.1620372948262; Fri, 07 May 2021 00:35:48 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx5XI2zKUbsKazvcW2Vr5jvMDeiB+dtOEKTtfzbIqz37aYae3i7ugq6B0OmfMhiabycSZroRA== X-Received: by 2002:a17:907:174a:: with SMTP id lf10mr8861569ejc.433.1620372947917; Fri, 07 May 2021 00:35:47 -0700 (PDT) Received: from [192.168.3.132] (p5b0c63c0.dip0.t-ipconnect.de. [91.12.99.192]) by smtp.gmail.com with ESMTPSA id l17sm2925176ejk.22.2021.05.07.00.35.45 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 07 May 2021 00:35:47 -0700 (PDT) To: Nick Kossifidis , jejb@linux.ibm.com Cc: Andrew Morton , Mike Rapoport , Alexander Viro , Andy Lutomirski , Arnd Bergmann , Borislav Petkov , Catalin Marinas , Christopher Lameter , Dan Williams , Dave Hansen , Elena Reshetova , "H. Peter Anvin" , Ingo Molnar , "Kirill A. Shutemov" , Matthew Wilcox , Matthew Garrett , Mark Rutland , Michal Hocko , Mike Rapoport , Michael Kerrisk , Palmer Dabbelt , Paul Walmsley , Peter Zijlstra , "Rafael J. Wysocki" , Rick Edgecombe , Roman Gushchin , Shakeel Butt , Shuah Khan , Thomas Gleixner , Tycho Andersen , Will Deacon , linux-api@vger.kernel.org, linux-arch@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-nvdimm@lists.01.org, linux-riscv@lists.infradead.org, x86@kernel.org References: <20210303162209.8609-1-rppt@kernel.org> <20210505120806.abfd4ee657ccabf2f221a0eb@linux-foundation.org> <996dbc29-e79c-9c31-1e47-cbf20db2937d@redhat.com> <8eb933f921c9dfe4c9b1b304e8f8fa4fbc249d84.camel@linux.ibm.com> <77fe28bd940b2c1afd69d65b6d349352@mailhost.ics.forth.gr> From: David Hildenbrand Organization: Red Hat Subject: Re: [PATCH v18 0/9] mm: introduce memfd_secret system call to create "secret" memory areas Message-ID: <5232c8a7-8a05-9d0f-69ff-3dba2b04e784@redhat.com> Date: Fri, 7 May 2021 09:35:45 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.8.1 MIME-Version: 1.0 In-Reply-To: <77fe28bd940b2c1afd69d65b6d349352@mailhost.ics.forth.gr> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 07.05.21 01:16, Nick Kossifidis wrote: > Στις 2021-05-06 20:05, James Bottomley έγραψε: >> On Thu, 2021-05-06 at 18:45 +0200, David Hildenbrand wrote: >>> >>> Also, there is a way to still read that memory when root by >>> >>> 1. Having kdump active (which would often be the case, but maybe not >>> to dump user pages ) >>> 2. Triggering a kernel crash (easy via proc as root) >>> 3. Waiting for the reboot after kump() created the dump and then >>> reading the content from disk. >> >> Anything that can leave physical memory intact but boot to a kernel >> where the missing direct map entry is restored could theoretically >> extract the secret. However, it's not exactly going to be a stealthy >> extraction ... >> >>> Or, as an attacker, load a custom kexec() kernel and read memory >>> from the new environment. Of course, the latter two are advanced >>> mechanisms, but they are possible when root. We might be able to >>> mitigate, for example, by zeroing out secretmem pages before booting >>> into the kexec kernel, if we care :) >> >> I think we could handle it by marking the region, yes, and a zero on >> shutdown might be useful ... it would prevent all warm reboot type >> attacks. >> > > I had similar concerns about recovering secrets with kdump, and > considered cleaning up keyrings before jumping to the new kernel. The > problem is we can't provide guarantees in that case, once the kernel has > crashed and we are on our way to run crashkernel, we can't be sure we > can reliably zero-out anything, the more code we add to that path the Well, I think it depends. Assume we do the following 1) Zero out any secretmem pages when handing them back to the buddy. (alternative: init_on_free=1) -- if not already done, I didn't check the code. 2) On kdump(), zero out all allocated secretmem. It'd be easier if we'd just allocated from a fixed physical memory area; otherwise we have to walk process page tables or use a PFN walker. And zeroing out secretmem pages without a direct mapping is a different challenge. Now, during 2) it can happen that a) We crash in our clearing code (e.g., something is seriously messed up) and fail to start the kdump kernel. That's actually good, instead of leaking data we fail hard. b) We don't find all secretmem pages, for example, because process page tables are messed up or something messed up our memmap (if we'd use that to identify secretmem pages via a PFN walker somehow) But for the simple cases (e.g., malicious root tries to crash the kernel via /proc/sysrq-trigger) both a) and b) wouldn't apply. Obviously, if an admin would want to mitigate right now, he would want to disable kdump completely, meaning any attempt to load a crashkernel would fail and cannot be enabled again for that kernel (also not via cmdline an attacker could modify to reboot into a system with the option for a crashkernel). Disabling kdump in the kernel when secretmem pages are allocated is one approach, although sub-optimal. > more risky it gets. However during reboot/normal kexec() we should do > some cleanup, it makes sense and secretmem can indeed be useful in that > case. Regarding loading custom kexec() kernels, we mitigate this with > the kexec file-based API where we can verify the signature of the loaded > kimage (assuming the system runs a kernel provided by a trusted 3rd > party and we 've maintained a chain of trust since booting). For example in VMs (like QEMU), we often don't clear physical memory during a reboot. So if an attacker manages to load a kernel that you can trick into reading random physical memory areas, we can leak secretmem data I think. And there might be ways to achieve that just using the cmdline, not necessarily loading a different kernel. For example if you limit the kernel footprint ("mem=256M") and disable strict_iomem_checks ("strict_iomem_checks=relaxed") you can just extract that memory via /dev/mem if I am not wrong. So as an attacker, modify the (grub) cmdline to "mem=256M strict_iomem_checks=relaxed", reboot, and read all memory via /dev/mem. Or load a signed kexec kernel with that cmdline and boot into it. Interesting problem :) -- Thanks, David / dhildenb From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C03BBC433ED for ; Fri, 7 May 2021 07:36:29 +0000 (UTC) Received: from desiato.infradead.org (desiato.infradead.org [90.155.92.199]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 1FCE16141B for ; Fri, 7 May 2021 07:36:29 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 1FCE16141B Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=redhat.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-riscv-bounces+linux-riscv=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=desiato.20200630; h=Sender:Content-Type: Content-Transfer-Encoding:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:Date:Message-ID:Subject: From:References:Cc:To:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=tgTVQQafPxXX2qZQtJ4nsrCdEbG3PQbKH8QGsJzGs2M=; b=ObZqSfiLwAnIeqYts46Y01ynz MCmvVuxOb1qyLDE45mX0YHVxWuHIK/h/wXIymdK7xNeVoxS53TgOmwGRfraECbNL24Of/X84qRPOu J4SZXec1Y1o0nvNW/oMgVn6RAwcPmCZ5Yo6DiCuME7kB2WhRJAxBWTuFQWEMGY0I+SWdoXVN2+SXF /FZZlYlKp/0CBKTTF6BruX8um3sCgzqyXu2xNnPZhrZlLz5DCPJrplucAWCicqEMxY+8VggMb5nYw m0OM7b/u4pBZKaEAKeorO9J/xgygparekojKD/1HQ0jehedmhskxSRXsUTJvM3ZpT8YrO32YxU3yD acOg9C0zA==; Received: from localhost ([::1] helo=desiato.infradead.org) by desiato.infradead.org with esmtp (Exim 4.94 #2 (Red Hat Linux)) id 1lev1k-006OKT-Fc; Fri, 07 May 2021 07:36:00 +0000 Received: from bombadil.infradead.org ([2607:7c80:54:e::133]) by desiato.infradead.org with esmtps (Exim 4.94 #2 (Red Hat Linux)) id 1lev1h-006OJg-2C for linux-riscv@desiato.infradead.org; Fri, 07 May 2021 07:35:57 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=bombadil.20210309; h=Content-Transfer-Encoding: Content-Type:In-Reply-To:MIME-Version:Date:Message-ID:Subject:From:References :Cc:To:Sender:Reply-To:Content-ID:Content-Description; bh=YRLhFcul/s0bAb0h6pwheuix10YVXJYp5em6Jk4RpTY=; b=VG5nbpFXTtPrnzYapgdeKNietC MpXiZOIFUH2xxaDoLe/i4bT2yCAx08pFYhEdP2Kwx0OAHUW0OuS2k99C/PIyqcKnVhwNx2rmMysrS WWsgM2e44y3T6jyzFrKx855nDMrBXfzolmAr0J90akF6L6NWRgPTkWoJ9W2cOu7wWJyQiGyaPff/k iUOOIfbohmvG/vfAaAqIYpxJvfLufqFd3O7pp09IH1U2q3QGCKf9zFPidgxSFpjd/vamVdPCbQXzP PT7neXMcceBHdXI2TaUsm1JfycVj3+Yufr1HY8plSj5ZwEz6xDwXZqqkAIMM/hAx1+LugWnc3A3Ry UFgM2QRg==; Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]) by bombadil.infradead.org with esmtps (Exim 4.94 #2 (Red Hat Linux)) id 1lev1c-006eiw-J3 for linux-riscv@lists.infradead.org; Fri, 07 May 2021 07:35:55 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1620372951; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=YRLhFcul/s0bAb0h6pwheuix10YVXJYp5em6Jk4RpTY=; b=LKQ8IWaBht40hQ37zGhiXWlx+x+Dj6an1dgqmq+UDQ3Msuggv1C2b3TezDAWLG/j28CUxx SYtxDjtmTeLa6lateTlt99a9Vpwn/iZBxnYdboXBfMzDsZa4lqARUwn76xIegra1nQR16K nHeDtHsZAN4JgiRXzfUjQ3eqptexoS4= Received: from mail-ej1-f70.google.com (mail-ej1-f70.google.com [209.85.218.70]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-557-kX00adAYN4iptmZK_Kv2dQ-1; Fri, 07 May 2021 03:35:49 -0400 X-MC-Unique: kX00adAYN4iptmZK_Kv2dQ-1 Received: by mail-ej1-f70.google.com with SMTP id bx15-20020a170906a1cfb029037415131f28so2671852ejb.18 for ; Fri, 07 May 2021 00:35:49 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:cc:references:from:organization:subject :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=YRLhFcul/s0bAb0h6pwheuix10YVXJYp5em6Jk4RpTY=; b=M+dftLRUEiEv3h/zhTjgJH83bceSR3Vz/0iDLklY3i/k70ttLm+wUkcipEvHMz7Hbv 9p9tKfJ3DouyFMxWzquXJn2WJf8lQVKpXXOtV/w8y76PqiHO2pxCgYT6iAtJHWhQeWrB +4MYkOERtkTNXksFwBAcK9WacCybft723OVTE5/nkp9JmeWlQvLleL3slezXIBXjXyhS TeIxaksrtb7cly0YQK5zmt7fb22WmhcrBOgNYclttJDzd8WwG45kGsjB+RCdtXrp3S5B Bgtr0MUAGtaoEAj7OcEXkXzvg1VnGI+u0yd2lNte7FfD/KrmXAO+a3k7bqDrIzbnVUZJ +y1g== X-Gm-Message-State: AOAM532+5wbS0Lwh4+fNAWdk44Ozo6ql4GPk16HzBw14FNgeRk66U6BO 6/rd1Bzmqs9qKXQDdevx3Xc65DmnKRd1f+sMntVOFXHdnpG0/l8p3q60OjcbxhimFup5+0jXBUv tc8eDYuVj8ga9MggeHNwhjApYOrD6 X-Received: by 2002:a17:907:174a:: with SMTP id lf10mr8861611ejc.433.1620372948261; Fri, 07 May 2021 00:35:48 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx5XI2zKUbsKazvcW2Vr5jvMDeiB+dtOEKTtfzbIqz37aYae3i7ugq6B0OmfMhiabycSZroRA== X-Received: by 2002:a17:907:174a:: with SMTP id lf10mr8861569ejc.433.1620372947917; Fri, 07 May 2021 00:35:47 -0700 (PDT) Received: from [192.168.3.132] (p5b0c63c0.dip0.t-ipconnect.de. [91.12.99.192]) by smtp.gmail.com with ESMTPSA id l17sm2925176ejk.22.2021.05.07.00.35.45 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 07 May 2021 00:35:47 -0700 (PDT) To: Nick Kossifidis , jejb@linux.ibm.com Cc: Andrew Morton , Mike Rapoport , Alexander Viro , Andy Lutomirski , Arnd Bergmann , Borislav Petkov , Catalin Marinas , Christopher Lameter , Dan Williams , Dave Hansen , Elena Reshetova , "H. Peter Anvin" , Ingo Molnar , "Kirill A. Shutemov" , Matthew Wilcox , Matthew Garrett , Mark Rutland , Michal Hocko , Mike Rapoport , Michael Kerrisk , Palmer Dabbelt , Paul Walmsley , Peter Zijlstra , "Rafael J. Wysocki" , Rick Edgecombe , Roman Gushchin , Shakeel Butt , Shuah Khan , Thomas Gleixner , Tycho Andersen , Will Deacon , linux-api@vger.kernel.org, linux-arch@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-nvdimm@lists.01.org, linux-riscv@lists.infradead.org, x86@kernel.org References: <20210303162209.8609-1-rppt@kernel.org> <20210505120806.abfd4ee657ccabf2f221a0eb@linux-foundation.org> <996dbc29-e79c-9c31-1e47-cbf20db2937d@redhat.com> <8eb933f921c9dfe4c9b1b304e8f8fa4fbc249d84.camel@linux.ibm.com> <77fe28bd940b2c1afd69d65b6d349352@mailhost.ics.forth.gr> From: David Hildenbrand Organization: Red Hat Subject: Re: [PATCH v18 0/9] mm: introduce memfd_secret system call to create "secret" memory areas Message-ID: <5232c8a7-8a05-9d0f-69ff-3dba2b04e784@redhat.com> Date: Fri, 7 May 2021 09:35:45 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.8.1 MIME-Version: 1.0 In-Reply-To: <77fe28bd940b2c1afd69d65b6d349352@mailhost.ics.forth.gr> Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=david@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210507_003552_841639_25493462 X-CRM114-Status: GOOD ( 36.12 ) X-BeenThere: linux-riscv@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: base64 Content-Type: text/plain; charset="utf-8"; Format="flowed" Sender: "linux-riscv" Errors-To: linux-riscv-bounces+linux-riscv=archiver.kernel.org@lists.infradead.org T24gMDcuMDUuMjEgMDE6MTYsIE5pY2sgS29zc2lmaWRpcyB3cm90ZToKPiDOo8+EzrnPgiAyMDIx LTA1LTA2IDIwOjA1LCBKYW1lcyBCb3R0b21sZXkgzq3Os8+BzrHPiM61Ogo+PiBPbiBUaHUsIDIw MjEtMDUtMDYgYXQgMTg6NDUgKzAyMDAsIERhdmlkIEhpbGRlbmJyYW5kIHdyb3RlOgo+Pj4KPj4+ IEFsc28sIHRoZXJlIGlzIGEgd2F5IHRvIHN0aWxsIHJlYWQgdGhhdCBtZW1vcnkgd2hlbiByb290 IGJ5Cj4+Pgo+Pj4gMS4gSGF2aW5nIGtkdW1wIGFjdGl2ZSAod2hpY2ggd291bGQgb2Z0ZW4gYmUg dGhlIGNhc2UsIGJ1dCBtYXliZSBub3QKPj4+IHRvIGR1bXAgdXNlciBwYWdlcyApCj4+PiAyLiBU cmlnZ2VyaW5nIGEga2VybmVsIGNyYXNoIChlYXN5IHZpYSBwcm9jIGFzIHJvb3QpCj4+PiAzLiBX YWl0aW5nIGZvciB0aGUgcmVib290IGFmdGVyIGt1bXAoKSBjcmVhdGVkIHRoZSBkdW1wIGFuZCB0 aGVuCj4+PiByZWFkaW5nIHRoZSBjb250ZW50IGZyb20gZGlzay4KPj4KPj4gQW55dGhpbmcgdGhh dCBjYW4gbGVhdmUgcGh5c2ljYWwgbWVtb3J5IGludGFjdCBidXQgYm9vdCB0byBhIGtlcm5lbAo+ PiB3aGVyZSB0aGUgbWlzc2luZyBkaXJlY3QgbWFwIGVudHJ5IGlzIHJlc3RvcmVkIGNvdWxkIHRo ZW9yZXRpY2FsbHkKPj4gZXh0cmFjdCB0aGUgc2VjcmV0LiAgSG93ZXZlciwgaXQncyBub3QgZXhh Y3RseSBnb2luZyB0byBiZSBhIHN0ZWFsdGh5Cj4+IGV4dHJhY3Rpb24gLi4uCj4+Cj4+PiBPciwg YXMgYW4gYXR0YWNrZXIsIGxvYWQgYSBjdXN0b20ga2V4ZWMoKSBrZXJuZWwgYW5kIHJlYWQgbWVt b3J5Cj4+PiBmcm9tIHRoZSBuZXcgZW52aXJvbm1lbnQuIE9mIGNvdXJzZSwgdGhlIGxhdHRlciB0 d28gYXJlIGFkdmFuY2VkCj4+PiBtZWNoYW5pc21zLCBidXQgdGhleSBhcmUgcG9zc2libGUgd2hl biByb290LiBXZSBtaWdodCBiZSBhYmxlIHRvCj4+PiBtaXRpZ2F0ZSwgZm9yIGV4YW1wbGUsIGJ5 IHplcm9pbmcgb3V0IHNlY3JldG1lbSBwYWdlcyBiZWZvcmUgYm9vdGluZwo+Pj4gaW50byB0aGUg a2V4ZWMga2VybmVsLCBpZiB3ZSBjYXJlIDopCj4+Cj4+IEkgdGhpbmsgd2UgY291bGQgaGFuZGxl IGl0IGJ5IG1hcmtpbmcgdGhlIHJlZ2lvbiwgeWVzLCBhbmQgYSB6ZXJvIG9uCj4+IHNodXRkb3du IG1pZ2h0IGJlIHVzZWZ1bCAuLi4gaXQgd291bGQgcHJldmVudCBhbGwgd2FybSByZWJvb3QgdHlw ZQo+PiBhdHRhY2tzLgo+Pgo+IAo+IEkgaGFkIHNpbWlsYXIgY29uY2VybnMgYWJvdXQgcmVjb3Zl cmluZyBzZWNyZXRzIHdpdGgga2R1bXAsIGFuZAo+IGNvbnNpZGVyZWQgY2xlYW5pbmcgdXAga2V5 cmluZ3MgYmVmb3JlIGp1bXBpbmcgdG8gdGhlIG5ldyBrZXJuZWwuIFRoZQo+IHByb2JsZW0gaXMg d2UgY2FuJ3QgcHJvdmlkZSBndWFyYW50ZWVzIGluIHRoYXQgY2FzZSwgb25jZSB0aGUga2VybmVs IGhhcwo+IGNyYXNoZWQgYW5kIHdlIGFyZSBvbiBvdXIgd2F5IHRvIHJ1biBjcmFzaGtlcm5lbCwg d2UgY2FuJ3QgYmUgc3VyZSB3ZQo+IGNhbiByZWxpYWJseSB6ZXJvLW91dCBhbnl0aGluZywgdGhl IG1vcmUgY29kZSB3ZSBhZGQgdG8gdGhhdCBwYXRoIHRoZQoKV2VsbCwgSSB0aGluayBpdCBkZXBl bmRzLiBBc3N1bWUgd2UgZG8gdGhlIGZvbGxvd2luZwoKMSkgWmVybyBvdXQgYW55IHNlY3JldG1l bSBwYWdlcyB3aGVuIGhhbmRpbmcgdGhlbSBiYWNrIHRvIHRoZSBidWRkeS4gCihhbHRlcm5hdGl2 ZTogaW5pdF9vbl9mcmVlPTEpIC0tIGlmIG5vdCBhbHJlYWR5IGRvbmUsIEkgZGlkbid0IGNoZWNr IHRoZSAKY29kZS4KCjIpIE9uIGtkdW1wKCksIHplcm8gb3V0IGFsbCBhbGxvY2F0ZWQgc2VjcmV0 bWVtLiBJdCdkIGJlIGVhc2llciBpZiB3ZSdkIApqdXN0IGFsbG9jYXRlZCBmcm9tIGEgZml4ZWQg cGh5c2ljYWwgbWVtb3J5IGFyZWE7IG90aGVyd2lzZSB3ZSBoYXZlIHRvIAp3YWxrIHByb2Nlc3Mg cGFnZSB0YWJsZXMgb3IgdXNlIGEgUEZOIHdhbGtlci4gQW5kIHplcm9pbmcgb3V0IHNlY3JldG1l bSAKcGFnZXMgd2l0aG91dCBhIGRpcmVjdCBtYXBwaW5nIGlzIGEgZGlmZmVyZW50IGNoYWxsZW5n ZS4KCk5vdywgZHVyaW5nIDIpIGl0IGNhbiBoYXBwZW4gdGhhdAoKYSkgV2UgY3Jhc2ggaW4gb3Vy IGNsZWFyaW5nIGNvZGUgKGUuZy4sIHNvbWV0aGluZyBpcyBzZXJpb3VzbHkgbWVzc2VkIAp1cCkg YW5kIGZhaWwgdG8gc3RhcnQgdGhlIGtkdW1wIGtlcm5lbC4gVGhhdCdzIGFjdHVhbGx5IGdvb2Qs IGluc3RlYWQgb2YgCmxlYWtpbmcgZGF0YSB3ZSBmYWlsIGhhcmQuCgpiKSBXZSBkb24ndCBmaW5k IGFsbCBzZWNyZXRtZW0gcGFnZXMsIGZvciBleGFtcGxlLCBiZWNhdXNlIHByb2Nlc3MgcGFnZSAK dGFibGVzIGFyZSBtZXNzZWQgdXAgb3Igc29tZXRoaW5nIG1lc3NlZCB1cCBvdXIgbWVtbWFwIChp ZiB3ZSdkIHVzZSB0aGF0IAp0byBpZGVudGlmeSBzZWNyZXRtZW0gcGFnZXMgdmlhIGEgUEZOIHdh bGtlciBzb21laG93KQoKCkJ1dCBmb3IgdGhlIHNpbXBsZSBjYXNlcyAoZS5nLiwgbWFsaWNpb3Vz IHJvb3QgdHJpZXMgdG8gY3Jhc2ggdGhlIGtlcm5lbCAKdmlhIC9wcm9jL3N5c3JxLXRyaWdnZXIp IGJvdGggYSkgYW5kIGIpIHdvdWxkbid0IGFwcGx5LgoKT2J2aW91c2x5LCBpZiBhbiBhZG1pbiB3 b3VsZCB3YW50IHRvIG1pdGlnYXRlIHJpZ2h0IG5vdywgaGUgd291bGQgd2FudCAKdG8gZGlzYWJs ZSBrZHVtcCBjb21wbGV0ZWx5LCBtZWFuaW5nIGFueSBhdHRlbXB0IHRvIGxvYWQgYSBjcmFzaGtl cm5lbCAKd291bGQgZmFpbCBhbmQgY2Fubm90IGJlIGVuYWJsZWQgYWdhaW4gZm9yIHRoYXQga2Vy bmVsIChhbHNvIG5vdCB2aWEgCmNtZGxpbmUgYW4gYXR0YWNrZXIgY291bGQgbW9kaWZ5IHRvIHJl Ym9vdCBpbnRvIGEgc3lzdGVtIHdpdGggdGhlIG9wdGlvbiAKZm9yIGEgY3Jhc2hrZXJuZWwpLiBE aXNhYmxpbmcga2R1bXAgaW4gdGhlIGtlcm5lbCB3aGVuIHNlY3JldG1lbSBwYWdlcyAKYXJlIGFs bG9jYXRlZCBpcyBvbmUgYXBwcm9hY2gsIGFsdGhvdWdoIHN1Yi1vcHRpbWFsLgoKPiBtb3JlIHJp c2t5IGl0IGdldHMuIEhvd2V2ZXIgZHVyaW5nIHJlYm9vdC9ub3JtYWwga2V4ZWMoKSB3ZSBzaG91 bGQgZG8KPiBzb21lIGNsZWFudXAsIGl0IG1ha2VzIHNlbnNlIGFuZCBzZWNyZXRtZW0gY2FuIGlu ZGVlZCBiZSB1c2VmdWwgaW4gdGhhdAo+IGNhc2UuIFJlZ2FyZGluZyBsb2FkaW5nIGN1c3RvbSBr ZXhlYygpIGtlcm5lbHMsIHdlIG1pdGlnYXRlIHRoaXMgd2l0aAo+IHRoZSBrZXhlYyBmaWxlLWJh c2VkIEFQSSB3aGVyZSB3ZSBjYW4gdmVyaWZ5IHRoZSBzaWduYXR1cmUgb2YgdGhlIGxvYWRlZAo+ IGtpbWFnZSAoYXNzdW1pbmcgdGhlIHN5c3RlbSBydW5zIGEga2VybmVsIHByb3ZpZGVkIGJ5IGEg dHJ1c3RlZCAzcmQKPiBwYXJ0eSBhbmQgd2UgJ3ZlIG1haW50YWluZWQgYSBjaGFpbiBvZiB0cnVz dCBzaW5jZSBib290aW5nKS4KCkZvciBleGFtcGxlIGluIFZNcyAobGlrZSBRRU1VKSwgd2Ugb2Z0 ZW4gZG9uJ3QgY2xlYXIgcGh5c2ljYWwgbWVtb3J5IApkdXJpbmcgYSByZWJvb3QuIFNvIGlmIGFu IGF0dGFja2VyIG1hbmFnZXMgdG8gbG9hZCBhIGtlcm5lbCB0aGF0IHlvdSBjYW4gCnRyaWNrIGlu dG8gcmVhZGluZyByYW5kb20gcGh5c2ljYWwgbWVtb3J5IGFyZWFzLCB3ZSBjYW4gbGVhayBzZWNy ZXRtZW0gCmRhdGEgSSB0aGluay4KCkFuZCB0aGVyZSBtaWdodCBiZSB3YXlzIHRvIGFjaGlldmUg dGhhdCBqdXN0IHVzaW5nIHRoZSBjbWRsaW5lLCBub3QgCm5lY2Vzc2FyaWx5IGxvYWRpbmcgYSBk aWZmZXJlbnQga2VybmVsLiBGb3IgZXhhbXBsZSBpZiB5b3UgbGltaXQgdGhlIAprZXJuZWwgZm9v dHByaW50ICgibWVtPTI1Nk0iKSBhbmQgZGlzYWJsZSBzdHJpY3RfaW9tZW1fY2hlY2tzIAooInN0 cmljdF9pb21lbV9jaGVja3M9cmVsYXhlZCIpIHlvdSBjYW4ganVzdCBleHRyYWN0IHRoYXQgbWVt b3J5IHZpYSAKL2Rldi9tZW0gaWYgSSBhbSBub3Qgd3JvbmcuCgpTbyBhcyBhbiBhdHRhY2tlciwg bW9kaWZ5IHRoZSAoZ3J1YikgY21kbGluZSB0byAibWVtPTI1Nk0gCnN0cmljdF9pb21lbV9jaGVj a3M9cmVsYXhlZCIsIHJlYm9vdCwgYW5kIHJlYWQgYWxsIG1lbW9yeSB2aWEgL2Rldi9tZW0uIApP ciBsb2FkIGEgc2lnbmVkIGtleGVjIGtlcm5lbCB3aXRoIHRoYXQgY21kbGluZSBhbmQgYm9vdCBp bnRvIGl0LgoKSW50ZXJlc3RpbmcgcHJvYmxlbSA6KQoKLS0gClRoYW5rcywKCkRhdmlkIC8gZGhp bGRlbmIKCgpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXwps aW51eC1yaXNjdiBtYWlsaW5nIGxpc3QKbGludXgtcmlzY3ZAbGlzdHMuaW5mcmFkZWFkLm9yZwpo dHRwOi8vbGlzdHMuaW5mcmFkZWFkLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2xpbnV4LXJpc2N2Cg== From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.1 required=3.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,NICE_REPLY_A, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2742FC43462 for ; Fri, 7 May 2021 07:35:56 +0000 (UTC) Received: from ml01.01.org (ml01.01.org [198.145.21.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id D1C1F61431 for ; Fri, 7 May 2021 07:35:55 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org D1C1F61431 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=redhat.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-nvdimm-bounces@lists.01.org Received: from ml01.vlan13.01.org (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 60FBA100EBB6F; Fri, 7 May 2021 00:35:55 -0700 (PDT) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=170.10.133.124; helo=us-smtp-delivery-124.mimecast.com; envelope-from=david@redhat.com; receiver= Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 8808B100EC1CE for ; Fri, 7 May 2021 00:35:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1620372951; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=YRLhFcul/s0bAb0h6pwheuix10YVXJYp5em6Jk4RpTY=; b=LKQ8IWaBht40hQ37zGhiXWlx+x+Dj6an1dgqmq+UDQ3Msuggv1C2b3TezDAWLG/j28CUxx SYtxDjtmTeLa6lateTlt99a9Vpwn/iZBxnYdboXBfMzDsZa4lqARUwn76xIegra1nQR16K nHeDtHsZAN4JgiRXzfUjQ3eqptexoS4= Received: from mail-ed1-f71.google.com (mail-ed1-f71.google.com [209.85.208.71]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-488-_XpjFp3MPeuTCe5aPY_g-w-1; Fri, 07 May 2021 03:35:49 -0400 X-MC-Unique: _XpjFp3MPeuTCe5aPY_g-w-1 Received: by mail-ed1-f71.google.com with SMTP id y17-20020a0564023591b02903886c26ada4so4008154edc.5 for ; Fri, 07 May 2021 00:35:49 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:cc:references:from:organization:subject :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=YRLhFcul/s0bAb0h6pwheuix10YVXJYp5em6Jk4RpTY=; b=UMYqIcILtcDk5QtvrVxpFBcNGlPkUVsZPm29PpEBJk7fOqIn7opIiqIXp2j/nYpf0+ XX9xc+1ov2THIZxG/Qo+CueMLwb6/l6UBVzs+bKlKjf8HbMf4buvgmfA2toHWgTf/TY8 IS0OqoA6TVvxEnHgt4hnBwZJw/LUy++UUayIPIWVE/RcmFikZvCNkJjsjz22nENtEljT rYqfPBM5uoTSX/+EivABY7dEgNq4htFsgYFT0yywyCH3Gv822LHdYnY/XKo41Xul3/7j zCNx7YnaUcUpT720YbmL7Sa7rz/kFTdIP/6Uz45wlerOd5gENQPbcWIndq1tU67KdQVQ ZtzQ== X-Gm-Message-State: AOAM530DjOUYcvkxFZEHjAeJoO8UmQ1+3W9suDE8syPb2NHIjiQlDihE GSMPpIEiEoM2bgZXs/s22JrFFFe1JDW3WfJYdfFz5qIoBw+VI4EbFUS4gMm6jZfXrkHy5gcsEHc u/+O1vnssh0w9TG+nvFdi X-Received: by 2002:a17:907:174a:: with SMTP id lf10mr8861656ejc.433.1620372948567; Fri, 07 May 2021 00:35:48 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx5XI2zKUbsKazvcW2Vr5jvMDeiB+dtOEKTtfzbIqz37aYae3i7ugq6B0OmfMhiabycSZroRA== X-Received: by 2002:a17:907:174a:: with SMTP id lf10mr8861569ejc.433.1620372947917; Fri, 07 May 2021 00:35:47 -0700 (PDT) Received: from [192.168.3.132] (p5b0c63c0.dip0.t-ipconnect.de. [91.12.99.192]) by smtp.gmail.com with ESMTPSA id l17sm2925176ejk.22.2021.05.07.00.35.45 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 07 May 2021 00:35:47 -0700 (PDT) To: Nick Kossifidis , jejb@linux.ibm.com References: <20210303162209.8609-1-rppt@kernel.org> <20210505120806.abfd4ee657ccabf2f221a0eb@linux-foundation.org> <996dbc29-e79c-9c31-1e47-cbf20db2937d@redhat.com> <8eb933f921c9dfe4c9b1b304e8f8fa4fbc249d84.camel@linux.ibm.com> <77fe28bd940b2c1afd69d65b6d349352@mailhost.ics.forth.gr> From: David Hildenbrand Organization: Red Hat Subject: Re: [PATCH v18 0/9] mm: introduce memfd_secret system call to create "secret" memory areas Message-ID: <5232c8a7-8a05-9d0f-69ff-3dba2b04e784@redhat.com> Date: Fri, 7 May 2021 09:35:45 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.8.1 MIME-Version: 1.0 In-Reply-To: <77fe28bd940b2c1afd69d65b6d349352@mailhost.ics.forth.gr> Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=david@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US Message-ID-Hash: YVEGTZICHYOYEMIFN4HPMZJYMHRISCQQ X-Message-ID-Hash: YVEGTZICHYOYEMIFN4HPMZJYMHRISCQQ X-MailFrom: david@redhat.com X-Mailman-Rule-Hits: nonmember-moderation X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation CC: Andrew Morton , Mike Rapoport , Alexander Viro , Andy Lutomirski , Arnd Bergmann , Borislav Petkov , Catalin Marinas , Christopher Lameter , Dave Hansen , Elena Reshetova , "H. Peter Anvin" , Ingo Molnar , "Kirill A. Shutemov" , Matthew Wilcox , Matthew Garrett , Mark Rutland , Michal Hocko , Mike Rapoport , Michael Kerrisk , Palmer Dabbelt , Paul Walmsley , Peter Zijlstra , "Rafael J. Wysocki" , Rick Edgecombe , Roman Gushchin , Shakeel Butt , Shuah Khan , Thomas Gleixner , Tycho Andersen , Will Deacon , linux-api@vger.kernel.org, linux-arch@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-nvdimm@lists.01.org, linux-riscv@lists.infradead.org, x86@kernel.org X-Mailman-Version: 3.1.1 Precedence: list List-Id: "Linux-nvdimm developer list." Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: Content-Type: text/plain; charset="utf-8"; format="flowed" Content-Transfer-Encoding: base64 T24gMDcuMDUuMjEgMDE6MTYsIE5pY2sgS29zc2lmaWRpcyB3cm90ZToNCj4gzqPPhM65z4IgMjAy MS0wNS0wNiAyMDowNSwgSmFtZXMgQm90dG9tbGV5IM6tzrPPgc6xz4jOtToNCj4+IE9uIFRodSwg MjAyMS0wNS0wNiBhdCAxODo0NSArMDIwMCwgRGF2aWQgSGlsZGVuYnJhbmQgd3JvdGU6DQo+Pj4N Cj4+PiBBbHNvLCB0aGVyZSBpcyBhIHdheSB0byBzdGlsbCByZWFkIHRoYXQgbWVtb3J5IHdoZW4g cm9vdCBieQ0KPj4+DQo+Pj4gMS4gSGF2aW5nIGtkdW1wIGFjdGl2ZSAod2hpY2ggd291bGQgb2Z0 ZW4gYmUgdGhlIGNhc2UsIGJ1dCBtYXliZSBub3QNCj4+PiB0byBkdW1wIHVzZXIgcGFnZXMgKQ0K Pj4+IDIuIFRyaWdnZXJpbmcgYSBrZXJuZWwgY3Jhc2ggKGVhc3kgdmlhIHByb2MgYXMgcm9vdCkN Cj4+PiAzLiBXYWl0aW5nIGZvciB0aGUgcmVib290IGFmdGVyIGt1bXAoKSBjcmVhdGVkIHRoZSBk dW1wIGFuZCB0aGVuDQo+Pj4gcmVhZGluZyB0aGUgY29udGVudCBmcm9tIGRpc2suDQo+Pg0KPj4g QW55dGhpbmcgdGhhdCBjYW4gbGVhdmUgcGh5c2ljYWwgbWVtb3J5IGludGFjdCBidXQgYm9vdCB0 byBhIGtlcm5lbA0KPj4gd2hlcmUgdGhlIG1pc3NpbmcgZGlyZWN0IG1hcCBlbnRyeSBpcyByZXN0 b3JlZCBjb3VsZCB0aGVvcmV0aWNhbGx5DQo+PiBleHRyYWN0IHRoZSBzZWNyZXQuICBIb3dldmVy LCBpdCdzIG5vdCBleGFjdGx5IGdvaW5nIHRvIGJlIGEgc3RlYWx0aHkNCj4+IGV4dHJhY3Rpb24g Li4uDQo+Pg0KPj4+IE9yLCBhcyBhbiBhdHRhY2tlciwgbG9hZCBhIGN1c3RvbSBrZXhlYygpIGtl cm5lbCBhbmQgcmVhZCBtZW1vcnkNCj4+PiBmcm9tIHRoZSBuZXcgZW52aXJvbm1lbnQuIE9mIGNv dXJzZSwgdGhlIGxhdHRlciB0d28gYXJlIGFkdmFuY2VkDQo+Pj4gbWVjaGFuaXNtcywgYnV0IHRo ZXkgYXJlIHBvc3NpYmxlIHdoZW4gcm9vdC4gV2UgbWlnaHQgYmUgYWJsZSB0bw0KPj4+IG1pdGln YXRlLCBmb3IgZXhhbXBsZSwgYnkgemVyb2luZyBvdXQgc2VjcmV0bWVtIHBhZ2VzIGJlZm9yZSBi b290aW5nDQo+Pj4gaW50byB0aGUga2V4ZWMga2VybmVsLCBpZiB3ZSBjYXJlIDopDQo+Pg0KPj4g SSB0aGluayB3ZSBjb3VsZCBoYW5kbGUgaXQgYnkgbWFya2luZyB0aGUgcmVnaW9uLCB5ZXMsIGFu ZCBhIHplcm8gb24NCj4+IHNodXRkb3duIG1pZ2h0IGJlIHVzZWZ1bCAuLi4gaXQgd291bGQgcHJl dmVudCBhbGwgd2FybSByZWJvb3QgdHlwZQ0KPj4gYXR0YWNrcy4NCj4+DQo+IA0KPiBJIGhhZCBz aW1pbGFyIGNvbmNlcm5zIGFib3V0IHJlY292ZXJpbmcgc2VjcmV0cyB3aXRoIGtkdW1wLCBhbmQN Cj4gY29uc2lkZXJlZCBjbGVhbmluZyB1cCBrZXlyaW5ncyBiZWZvcmUganVtcGluZyB0byB0aGUg bmV3IGtlcm5lbC4gVGhlDQo+IHByb2JsZW0gaXMgd2UgY2FuJ3QgcHJvdmlkZSBndWFyYW50ZWVz IGluIHRoYXQgY2FzZSwgb25jZSB0aGUga2VybmVsIGhhcw0KPiBjcmFzaGVkIGFuZCB3ZSBhcmUg b24gb3VyIHdheSB0byBydW4gY3Jhc2hrZXJuZWwsIHdlIGNhbid0IGJlIHN1cmUgd2UNCj4gY2Fu IHJlbGlhYmx5IHplcm8tb3V0IGFueXRoaW5nLCB0aGUgbW9yZSBjb2RlIHdlIGFkZCB0byB0aGF0 IHBhdGggdGhlDQoNCldlbGwsIEkgdGhpbmsgaXQgZGVwZW5kcy4gQXNzdW1lIHdlIGRvIHRoZSBm b2xsb3dpbmcNCg0KMSkgWmVybyBvdXQgYW55IHNlY3JldG1lbSBwYWdlcyB3aGVuIGhhbmRpbmcg dGhlbSBiYWNrIHRvIHRoZSBidWRkeS4gDQooYWx0ZXJuYXRpdmU6IGluaXRfb25fZnJlZT0xKSAt LSBpZiBub3QgYWxyZWFkeSBkb25lLCBJIGRpZG4ndCBjaGVjayB0aGUgDQpjb2RlLg0KDQoyKSBP biBrZHVtcCgpLCB6ZXJvIG91dCBhbGwgYWxsb2NhdGVkIHNlY3JldG1lbS4gSXQnZCBiZSBlYXNp ZXIgaWYgd2UnZCANCmp1c3QgYWxsb2NhdGVkIGZyb20gYSBmaXhlZCBwaHlzaWNhbCBtZW1vcnkg YXJlYTsgb3RoZXJ3aXNlIHdlIGhhdmUgdG8gDQp3YWxrIHByb2Nlc3MgcGFnZSB0YWJsZXMgb3Ig dXNlIGEgUEZOIHdhbGtlci4gQW5kIHplcm9pbmcgb3V0IHNlY3JldG1lbSANCnBhZ2VzIHdpdGhv dXQgYSBkaXJlY3QgbWFwcGluZyBpcyBhIGRpZmZlcmVudCBjaGFsbGVuZ2UuDQoNCk5vdywgZHVy aW5nIDIpIGl0IGNhbiBoYXBwZW4gdGhhdA0KDQphKSBXZSBjcmFzaCBpbiBvdXIgY2xlYXJpbmcg Y29kZSAoZS5nLiwgc29tZXRoaW5nIGlzIHNlcmlvdXNseSBtZXNzZWQgDQp1cCkgYW5kIGZhaWwg dG8gc3RhcnQgdGhlIGtkdW1wIGtlcm5lbC4gVGhhdCdzIGFjdHVhbGx5IGdvb2QsIGluc3RlYWQg b2YgDQpsZWFraW5nIGRhdGEgd2UgZmFpbCBoYXJkLg0KDQpiKSBXZSBkb24ndCBmaW5kIGFsbCBz ZWNyZXRtZW0gcGFnZXMsIGZvciBleGFtcGxlLCBiZWNhdXNlIHByb2Nlc3MgcGFnZSANCnRhYmxl cyBhcmUgbWVzc2VkIHVwIG9yIHNvbWV0aGluZyBtZXNzZWQgdXAgb3VyIG1lbW1hcCAoaWYgd2Un ZCB1c2UgdGhhdCANCnRvIGlkZW50aWZ5IHNlY3JldG1lbSBwYWdlcyB2aWEgYSBQRk4gd2Fsa2Vy IHNvbWVob3cpDQoNCg0KQnV0IGZvciB0aGUgc2ltcGxlIGNhc2VzIChlLmcuLCBtYWxpY2lvdXMg cm9vdCB0cmllcyB0byBjcmFzaCB0aGUga2VybmVsIA0KdmlhIC9wcm9jL3N5c3JxLXRyaWdnZXIp IGJvdGggYSkgYW5kIGIpIHdvdWxkbid0IGFwcGx5Lg0KDQpPYnZpb3VzbHksIGlmIGFuIGFkbWlu IHdvdWxkIHdhbnQgdG8gbWl0aWdhdGUgcmlnaHQgbm93LCBoZSB3b3VsZCB3YW50IA0KdG8gZGlz YWJsZSBrZHVtcCBjb21wbGV0ZWx5LCBtZWFuaW5nIGFueSBhdHRlbXB0IHRvIGxvYWQgYSBjcmFz aGtlcm5lbCANCndvdWxkIGZhaWwgYW5kIGNhbm5vdCBiZSBlbmFibGVkIGFnYWluIGZvciB0aGF0 IGtlcm5lbCAoYWxzbyBub3QgdmlhIA0KY21kbGluZSBhbiBhdHRhY2tlciBjb3VsZCBtb2RpZnkg dG8gcmVib290IGludG8gYSBzeXN0ZW0gd2l0aCB0aGUgb3B0aW9uIA0KZm9yIGEgY3Jhc2hrZXJu ZWwpLiBEaXNhYmxpbmcga2R1bXAgaW4gdGhlIGtlcm5lbCB3aGVuIHNlY3JldG1lbSBwYWdlcyAN CmFyZSBhbGxvY2F0ZWQgaXMgb25lIGFwcHJvYWNoLCBhbHRob3VnaCBzdWItb3B0aW1hbC4NCg0K PiBtb3JlIHJpc2t5IGl0IGdldHMuIEhvd2V2ZXIgZHVyaW5nIHJlYm9vdC9ub3JtYWwga2V4ZWMo KSB3ZSBzaG91bGQgZG8NCj4gc29tZSBjbGVhbnVwLCBpdCBtYWtlcyBzZW5zZSBhbmQgc2VjcmV0 bWVtIGNhbiBpbmRlZWQgYmUgdXNlZnVsIGluIHRoYXQNCj4gY2FzZS4gUmVnYXJkaW5nIGxvYWRp bmcgY3VzdG9tIGtleGVjKCkga2VybmVscywgd2UgbWl0aWdhdGUgdGhpcyB3aXRoDQo+IHRoZSBr ZXhlYyBmaWxlLWJhc2VkIEFQSSB3aGVyZSB3ZSBjYW4gdmVyaWZ5IHRoZSBzaWduYXR1cmUgb2Yg dGhlIGxvYWRlZA0KPiBraW1hZ2UgKGFzc3VtaW5nIHRoZSBzeXN0ZW0gcnVucyBhIGtlcm5lbCBw cm92aWRlZCBieSBhIHRydXN0ZWQgM3JkDQo+IHBhcnR5IGFuZCB3ZSAndmUgbWFpbnRhaW5lZCBh IGNoYWluIG9mIHRydXN0IHNpbmNlIGJvb3RpbmcpLg0KDQpGb3IgZXhhbXBsZSBpbiBWTXMgKGxp a2UgUUVNVSksIHdlIG9mdGVuIGRvbid0IGNsZWFyIHBoeXNpY2FsIG1lbW9yeSANCmR1cmluZyBh IHJlYm9vdC4gU28gaWYgYW4gYXR0YWNrZXIgbWFuYWdlcyB0byBsb2FkIGEga2VybmVsIHRoYXQg eW91IGNhbiANCnRyaWNrIGludG8gcmVhZGluZyByYW5kb20gcGh5c2ljYWwgbWVtb3J5IGFyZWFz LCB3ZSBjYW4gbGVhayBzZWNyZXRtZW0gDQpkYXRhIEkgdGhpbmsuDQoNCkFuZCB0aGVyZSBtaWdo dCBiZSB3YXlzIHRvIGFjaGlldmUgdGhhdCBqdXN0IHVzaW5nIHRoZSBjbWRsaW5lLCBub3QgDQpu ZWNlc3NhcmlseSBsb2FkaW5nIGEgZGlmZmVyZW50IGtlcm5lbC4gRm9yIGV4YW1wbGUgaWYgeW91 IGxpbWl0IHRoZSANCmtlcm5lbCBmb290cHJpbnQgKCJtZW09MjU2TSIpIGFuZCBkaXNhYmxlIHN0 cmljdF9pb21lbV9jaGVja3MgDQooInN0cmljdF9pb21lbV9jaGVja3M9cmVsYXhlZCIpIHlvdSBj YW4ganVzdCBleHRyYWN0IHRoYXQgbWVtb3J5IHZpYSANCi9kZXYvbWVtIGlmIEkgYW0gbm90IHdy b25nLg0KDQpTbyBhcyBhbiBhdHRhY2tlciwgbW9kaWZ5IHRoZSAoZ3J1YikgY21kbGluZSB0byAi bWVtPTI1Nk0gDQpzdHJpY3RfaW9tZW1fY2hlY2tzPXJlbGF4ZWQiLCByZWJvb3QsIGFuZCByZWFk IGFsbCBtZW1vcnkgdmlhIC9kZXYvbWVtLiANCk9yIGxvYWQgYSBzaWduZWQga2V4ZWMga2VybmVs IHdpdGggdGhhdCBjbWRsaW5lIGFuZCBib290IGludG8gaXQuDQoNCkludGVyZXN0aW5nIHByb2Js ZW0gOikNCg0KLS0gDQpUaGFua3MsDQoNCkRhdmlkIC8gZGhpbGRlbmINCl9fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fCkxpbnV4LW52ZGltbSBtYWlsaW5nIGxp c3QgLS0gbGludXgtbnZkaW1tQGxpc3RzLjAxLm9yZwpUbyB1bnN1YnNjcmliZSBzZW5kIGFuIGVt YWlsIHRvIGxpbnV4LW52ZGltbS1sZWF2ZUBsaXN0cy4wMS5vcmcK From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6FE15C433B4 for ; Fri, 7 May 2021 07:38:00 +0000 (UTC) Received: from desiato.infradead.org (desiato.infradead.org [90.155.92.199]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id CABB26141B for ; Fri, 7 May 2021 07:37:59 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org CABB26141B Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=redhat.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=desiato.20200630; h=Sender:Content-Type: Content-Transfer-Encoding:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:Date:Message-ID:Subject: From:References:Cc:To:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=yqrgd+hGryEavwVJBZjF5EiTd0O/OrPX/drhD3fCSz0=; b=AmePsfWnXygq5C/9WsIkpPwOw pN1xMLzXzVn7KQGfHuFkoSoAYJknoQ7Mz/nsVd8hyhVm5x3cvBXTIUfhdLmQ2qlOrJDjMUWpyETjJ Un9zCmjz57oZ7k6jmFT32znG5kH+U3m/f+IA/lnU4AHsEVvD9PIVCZT1rKD1kDFQRGxb70Xgc+awt CmFmTHu7+5kEiW9YFux8jpjT59nJ2bneySKikQEYeCpH8v0Gu3Gi7x4ZFS/e8heud4FKlmZj1e+9L YcO54iaEp5KAJZa9eLfthfhCKp+bcOvBf+IUTB4JvfQvpw3XyKetDa3wMMEdajpGtxlQMnH9uilxH kJCs5hLMw==; Received: from localhost ([::1] helo=desiato.infradead.org) by desiato.infradead.org with esmtp (Exim 4.94 #2 (Red Hat Linux)) id 1lev1m-006OL6-V5; Fri, 07 May 2021 07:36:03 +0000 Received: from bombadil.infradead.org ([2607:7c80:54:e::133]) by desiato.infradead.org with esmtps (Exim 4.94 #2 (Red Hat Linux)) id 1lev1i-006OJi-0t for linux-arm-kernel@desiato.infradead.org; Fri, 07 May 2021 07:35:58 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=bombadil.20210309; h=Content-Transfer-Encoding: Content-Type:In-Reply-To:MIME-Version:Date:Message-ID:Subject:From:References :Cc:To:Sender:Reply-To:Content-ID:Content-Description; bh=YRLhFcul/s0bAb0h6pwheuix10YVXJYp5em6Jk4RpTY=; b=VG5nbpFXTtPrnzYapgdeKNietC MpXiZOIFUH2xxaDoLe/i4bT2yCAx08pFYhEdP2Kwx0OAHUW0OuS2k99C/PIyqcKnVhwNx2rmMysrS WWsgM2e44y3T6jyzFrKx855nDMrBXfzolmAr0J90akF6L6NWRgPTkWoJ9W2cOu7wWJyQiGyaPff/k iUOOIfbohmvG/vfAaAqIYpxJvfLufqFd3O7pp09IH1U2q3QGCKf9zFPidgxSFpjd/vamVdPCbQXzP PT7neXMcceBHdXI2TaUsm1JfycVj3+Yufr1HY8plSj5ZwEz6xDwXZqqkAIMM/hAx1+LugWnc3A3Ry UFgM2QRg==; Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by bombadil.infradead.org with esmtps (Exim 4.94 #2 (Red Hat Linux)) id 1lev1f-006ejv-6T for linux-arm-kernel@lists.infradead.org; Fri, 07 May 2021 07:35:56 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1620372954; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=YRLhFcul/s0bAb0h6pwheuix10YVXJYp5em6Jk4RpTY=; b=JQdbQdsPz4b9gXh8NFdSahAymT19biconYsvQ9Wz/k45j+OvC/WaiywCrs5NAatAibpwwO BKOIaKgyJ5bblRp+Z5MidB8ddQd5jN7I3C0F0O0P98wl4HyThZZQmrWs5mPOu970ScnbZL gJ0UcQBVXpx6/+pMu9Pn2sl4GyBHPTk= Received: from mail-ed1-f70.google.com (mail-ed1-f70.google.com [209.85.208.70]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-602-EGqImhyKM5mj6a9XCOOFdQ-1; Fri, 07 May 2021 03:35:49 -0400 X-MC-Unique: EGqImhyKM5mj6a9XCOOFdQ-1 Received: by mail-ed1-f70.google.com with SMTP id g17-20020aa7dd910000b029038843570b67so4003159edv.9 for ; Fri, 07 May 2021 00:35:49 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:cc:references:from:organization:subject :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=YRLhFcul/s0bAb0h6pwheuix10YVXJYp5em6Jk4RpTY=; b=P5uPWPqXhlgm9HeXoKyBWFBNLn1w3o2dBoxPnq7O1jlsbf8pCJ8fVssIMTfug2Ns5O yoCSZajKWcLpDxhJ1/4q0TPbO6YfCHlea/44wWPhMQMna/Q02jJGEVaAmy4Bjf8UbCIL Na479UkBVnoEOFaqkX724EMydDgTSEQ3+uf44UxAxT5u991wgZ6pA28B4Xgpobo6aikV y1CwSXuNQLYaP9tajTFZQ6f5x0rGM8iaS09vn/2yGBz28t2Q59/b2mlV90C2SwIwbrWX 11zPN0nVfjnABaoXblh7EA4neCScT8UfkZBd9uJOKrosPLcaMdMA0WG/MoqDByvmGnIa nLWA== X-Gm-Message-State: AOAM532DNP5LrgQGki4E5h6HZijdtOvKBDtshM+g0VOi7sh27hdm1Pkm +Y0C7GI3hhbsYEY70SAs6ve174GPS/3Q6j4tGAqphHfzmDpn+B7+3EWp6QK7H9ctqQXBiavn1qE KvVgnV6tlk3a/78lWE4PEEUjCdx/0hsZAqnE= X-Received: by 2002:a17:907:174a:: with SMTP id lf10mr8861630ejc.433.1620372948290; Fri, 07 May 2021 00:35:48 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx5XI2zKUbsKazvcW2Vr5jvMDeiB+dtOEKTtfzbIqz37aYae3i7ugq6B0OmfMhiabycSZroRA== X-Received: by 2002:a17:907:174a:: with SMTP id lf10mr8861569ejc.433.1620372947917; Fri, 07 May 2021 00:35:47 -0700 (PDT) Received: from [192.168.3.132] (p5b0c63c0.dip0.t-ipconnect.de. [91.12.99.192]) by smtp.gmail.com with ESMTPSA id l17sm2925176ejk.22.2021.05.07.00.35.45 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 07 May 2021 00:35:47 -0700 (PDT) To: Nick Kossifidis , jejb@linux.ibm.com Cc: Andrew Morton , Mike Rapoport , Alexander Viro , Andy Lutomirski , Arnd Bergmann , Borislav Petkov , Catalin Marinas , Christopher Lameter , Dan Williams , Dave Hansen , Elena Reshetova , "H. Peter Anvin" , Ingo Molnar , "Kirill A. Shutemov" , Matthew Wilcox , Matthew Garrett , Mark Rutland , Michal Hocko , Mike Rapoport , Michael Kerrisk , Palmer Dabbelt , Paul Walmsley , Peter Zijlstra , "Rafael J. Wysocki" , Rick Edgecombe , Roman Gushchin , Shakeel Butt , Shuah Khan , Thomas Gleixner , Tycho Andersen , Will Deacon , linux-api@vger.kernel.org, linux-arch@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-nvdimm@lists.01.org, linux-riscv@lists.infradead.org, x86@kernel.org References: <20210303162209.8609-1-rppt@kernel.org> <20210505120806.abfd4ee657ccabf2f221a0eb@linux-foundation.org> <996dbc29-e79c-9c31-1e47-cbf20db2937d@redhat.com> <8eb933f921c9dfe4c9b1b304e8f8fa4fbc249d84.camel@linux.ibm.com> <77fe28bd940b2c1afd69d65b6d349352@mailhost.ics.forth.gr> From: David Hildenbrand Organization: Red Hat Subject: Re: [PATCH v18 0/9] mm: introduce memfd_secret system call to create "secret" memory areas Message-ID: <5232c8a7-8a05-9d0f-69ff-3dba2b04e784@redhat.com> Date: Fri, 7 May 2021 09:35:45 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.8.1 MIME-Version: 1.0 In-Reply-To: <77fe28bd940b2c1afd69d65b6d349352@mailhost.ics.forth.gr> Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=david@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210507_003555_322215_0AE3725B X-CRM114-Status: GOOD ( 37.70 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: base64 Content-Type: text/plain; charset="utf-8"; Format="flowed" Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org T24gMDcuMDUuMjEgMDE6MTYsIE5pY2sgS29zc2lmaWRpcyB3cm90ZToKPiDOo8+EzrnPgiAyMDIx LTA1LTA2IDIwOjA1LCBKYW1lcyBCb3R0b21sZXkgzq3Os8+BzrHPiM61Ogo+PiBPbiBUaHUsIDIw MjEtMDUtMDYgYXQgMTg6NDUgKzAyMDAsIERhdmlkIEhpbGRlbmJyYW5kIHdyb3RlOgo+Pj4KPj4+ IEFsc28sIHRoZXJlIGlzIGEgd2F5IHRvIHN0aWxsIHJlYWQgdGhhdCBtZW1vcnkgd2hlbiByb290 IGJ5Cj4+Pgo+Pj4gMS4gSGF2aW5nIGtkdW1wIGFjdGl2ZSAod2hpY2ggd291bGQgb2Z0ZW4gYmUg dGhlIGNhc2UsIGJ1dCBtYXliZSBub3QKPj4+IHRvIGR1bXAgdXNlciBwYWdlcyApCj4+PiAyLiBU cmlnZ2VyaW5nIGEga2VybmVsIGNyYXNoIChlYXN5IHZpYSBwcm9jIGFzIHJvb3QpCj4+PiAzLiBX YWl0aW5nIGZvciB0aGUgcmVib290IGFmdGVyIGt1bXAoKSBjcmVhdGVkIHRoZSBkdW1wIGFuZCB0 aGVuCj4+PiByZWFkaW5nIHRoZSBjb250ZW50IGZyb20gZGlzay4KPj4KPj4gQW55dGhpbmcgdGhh dCBjYW4gbGVhdmUgcGh5c2ljYWwgbWVtb3J5IGludGFjdCBidXQgYm9vdCB0byBhIGtlcm5lbAo+ PiB3aGVyZSB0aGUgbWlzc2luZyBkaXJlY3QgbWFwIGVudHJ5IGlzIHJlc3RvcmVkIGNvdWxkIHRo ZW9yZXRpY2FsbHkKPj4gZXh0cmFjdCB0aGUgc2VjcmV0LiAgSG93ZXZlciwgaXQncyBub3QgZXhh Y3RseSBnb2luZyB0byBiZSBhIHN0ZWFsdGh5Cj4+IGV4dHJhY3Rpb24gLi4uCj4+Cj4+PiBPciwg YXMgYW4gYXR0YWNrZXIsIGxvYWQgYSBjdXN0b20ga2V4ZWMoKSBrZXJuZWwgYW5kIHJlYWQgbWVt b3J5Cj4+PiBmcm9tIHRoZSBuZXcgZW52aXJvbm1lbnQuIE9mIGNvdXJzZSwgdGhlIGxhdHRlciB0 d28gYXJlIGFkdmFuY2VkCj4+PiBtZWNoYW5pc21zLCBidXQgdGhleSBhcmUgcG9zc2libGUgd2hl biByb290LiBXZSBtaWdodCBiZSBhYmxlIHRvCj4+PiBtaXRpZ2F0ZSwgZm9yIGV4YW1wbGUsIGJ5 IHplcm9pbmcgb3V0IHNlY3JldG1lbSBwYWdlcyBiZWZvcmUgYm9vdGluZwo+Pj4gaW50byB0aGUg a2V4ZWMga2VybmVsLCBpZiB3ZSBjYXJlIDopCj4+Cj4+IEkgdGhpbmsgd2UgY291bGQgaGFuZGxl IGl0IGJ5IG1hcmtpbmcgdGhlIHJlZ2lvbiwgeWVzLCBhbmQgYSB6ZXJvIG9uCj4+IHNodXRkb3du IG1pZ2h0IGJlIHVzZWZ1bCAuLi4gaXQgd291bGQgcHJldmVudCBhbGwgd2FybSByZWJvb3QgdHlw ZQo+PiBhdHRhY2tzLgo+Pgo+IAo+IEkgaGFkIHNpbWlsYXIgY29uY2VybnMgYWJvdXQgcmVjb3Zl cmluZyBzZWNyZXRzIHdpdGgga2R1bXAsIGFuZAo+IGNvbnNpZGVyZWQgY2xlYW5pbmcgdXAga2V5 cmluZ3MgYmVmb3JlIGp1bXBpbmcgdG8gdGhlIG5ldyBrZXJuZWwuIFRoZQo+IHByb2JsZW0gaXMg d2UgY2FuJ3QgcHJvdmlkZSBndWFyYW50ZWVzIGluIHRoYXQgY2FzZSwgb25jZSB0aGUga2VybmVs IGhhcwo+IGNyYXNoZWQgYW5kIHdlIGFyZSBvbiBvdXIgd2F5IHRvIHJ1biBjcmFzaGtlcm5lbCwg d2UgY2FuJ3QgYmUgc3VyZSB3ZQo+IGNhbiByZWxpYWJseSB6ZXJvLW91dCBhbnl0aGluZywgdGhl IG1vcmUgY29kZSB3ZSBhZGQgdG8gdGhhdCBwYXRoIHRoZQoKV2VsbCwgSSB0aGluayBpdCBkZXBl bmRzLiBBc3N1bWUgd2UgZG8gdGhlIGZvbGxvd2luZwoKMSkgWmVybyBvdXQgYW55IHNlY3JldG1l bSBwYWdlcyB3aGVuIGhhbmRpbmcgdGhlbSBiYWNrIHRvIHRoZSBidWRkeS4gCihhbHRlcm5hdGl2 ZTogaW5pdF9vbl9mcmVlPTEpIC0tIGlmIG5vdCBhbHJlYWR5IGRvbmUsIEkgZGlkbid0IGNoZWNr IHRoZSAKY29kZS4KCjIpIE9uIGtkdW1wKCksIHplcm8gb3V0IGFsbCBhbGxvY2F0ZWQgc2VjcmV0 bWVtLiBJdCdkIGJlIGVhc2llciBpZiB3ZSdkIApqdXN0IGFsbG9jYXRlZCBmcm9tIGEgZml4ZWQg cGh5c2ljYWwgbWVtb3J5IGFyZWE7IG90aGVyd2lzZSB3ZSBoYXZlIHRvIAp3YWxrIHByb2Nlc3Mg cGFnZSB0YWJsZXMgb3IgdXNlIGEgUEZOIHdhbGtlci4gQW5kIHplcm9pbmcgb3V0IHNlY3JldG1l bSAKcGFnZXMgd2l0aG91dCBhIGRpcmVjdCBtYXBwaW5nIGlzIGEgZGlmZmVyZW50IGNoYWxsZW5n ZS4KCk5vdywgZHVyaW5nIDIpIGl0IGNhbiBoYXBwZW4gdGhhdAoKYSkgV2UgY3Jhc2ggaW4gb3Vy IGNsZWFyaW5nIGNvZGUgKGUuZy4sIHNvbWV0aGluZyBpcyBzZXJpb3VzbHkgbWVzc2VkIAp1cCkg YW5kIGZhaWwgdG8gc3RhcnQgdGhlIGtkdW1wIGtlcm5lbC4gVGhhdCdzIGFjdHVhbGx5IGdvb2Qs IGluc3RlYWQgb2YgCmxlYWtpbmcgZGF0YSB3ZSBmYWlsIGhhcmQuCgpiKSBXZSBkb24ndCBmaW5k IGFsbCBzZWNyZXRtZW0gcGFnZXMsIGZvciBleGFtcGxlLCBiZWNhdXNlIHByb2Nlc3MgcGFnZSAK dGFibGVzIGFyZSBtZXNzZWQgdXAgb3Igc29tZXRoaW5nIG1lc3NlZCB1cCBvdXIgbWVtbWFwIChp ZiB3ZSdkIHVzZSB0aGF0IAp0byBpZGVudGlmeSBzZWNyZXRtZW0gcGFnZXMgdmlhIGEgUEZOIHdh bGtlciBzb21laG93KQoKCkJ1dCBmb3IgdGhlIHNpbXBsZSBjYXNlcyAoZS5nLiwgbWFsaWNpb3Vz IHJvb3QgdHJpZXMgdG8gY3Jhc2ggdGhlIGtlcm5lbCAKdmlhIC9wcm9jL3N5c3JxLXRyaWdnZXIp IGJvdGggYSkgYW5kIGIpIHdvdWxkbid0IGFwcGx5LgoKT2J2aW91c2x5LCBpZiBhbiBhZG1pbiB3 b3VsZCB3YW50IHRvIG1pdGlnYXRlIHJpZ2h0IG5vdywgaGUgd291bGQgd2FudCAKdG8gZGlzYWJs ZSBrZHVtcCBjb21wbGV0ZWx5LCBtZWFuaW5nIGFueSBhdHRlbXB0IHRvIGxvYWQgYSBjcmFzaGtl cm5lbCAKd291bGQgZmFpbCBhbmQgY2Fubm90IGJlIGVuYWJsZWQgYWdhaW4gZm9yIHRoYXQga2Vy bmVsIChhbHNvIG5vdCB2aWEgCmNtZGxpbmUgYW4gYXR0YWNrZXIgY291bGQgbW9kaWZ5IHRvIHJl Ym9vdCBpbnRvIGEgc3lzdGVtIHdpdGggdGhlIG9wdGlvbiAKZm9yIGEgY3Jhc2hrZXJuZWwpLiBE aXNhYmxpbmcga2R1bXAgaW4gdGhlIGtlcm5lbCB3aGVuIHNlY3JldG1lbSBwYWdlcyAKYXJlIGFs bG9jYXRlZCBpcyBvbmUgYXBwcm9hY2gsIGFsdGhvdWdoIHN1Yi1vcHRpbWFsLgoKPiBtb3JlIHJp c2t5IGl0IGdldHMuIEhvd2V2ZXIgZHVyaW5nIHJlYm9vdC9ub3JtYWwga2V4ZWMoKSB3ZSBzaG91 bGQgZG8KPiBzb21lIGNsZWFudXAsIGl0IG1ha2VzIHNlbnNlIGFuZCBzZWNyZXRtZW0gY2FuIGlu ZGVlZCBiZSB1c2VmdWwgaW4gdGhhdAo+IGNhc2UuIFJlZ2FyZGluZyBsb2FkaW5nIGN1c3RvbSBr ZXhlYygpIGtlcm5lbHMsIHdlIG1pdGlnYXRlIHRoaXMgd2l0aAo+IHRoZSBrZXhlYyBmaWxlLWJh c2VkIEFQSSB3aGVyZSB3ZSBjYW4gdmVyaWZ5IHRoZSBzaWduYXR1cmUgb2YgdGhlIGxvYWRlZAo+ IGtpbWFnZSAoYXNzdW1pbmcgdGhlIHN5c3RlbSBydW5zIGEga2VybmVsIHByb3ZpZGVkIGJ5IGEg dHJ1c3RlZCAzcmQKPiBwYXJ0eSBhbmQgd2UgJ3ZlIG1haW50YWluZWQgYSBjaGFpbiBvZiB0cnVz dCBzaW5jZSBib290aW5nKS4KCkZvciBleGFtcGxlIGluIFZNcyAobGlrZSBRRU1VKSwgd2Ugb2Z0 ZW4gZG9uJ3QgY2xlYXIgcGh5c2ljYWwgbWVtb3J5IApkdXJpbmcgYSByZWJvb3QuIFNvIGlmIGFu IGF0dGFja2VyIG1hbmFnZXMgdG8gbG9hZCBhIGtlcm5lbCB0aGF0IHlvdSBjYW4gCnRyaWNrIGlu dG8gcmVhZGluZyByYW5kb20gcGh5c2ljYWwgbWVtb3J5IGFyZWFzLCB3ZSBjYW4gbGVhayBzZWNy ZXRtZW0gCmRhdGEgSSB0aGluay4KCkFuZCB0aGVyZSBtaWdodCBiZSB3YXlzIHRvIGFjaGlldmUg dGhhdCBqdXN0IHVzaW5nIHRoZSBjbWRsaW5lLCBub3QgCm5lY2Vzc2FyaWx5IGxvYWRpbmcgYSBk aWZmZXJlbnQga2VybmVsLiBGb3IgZXhhbXBsZSBpZiB5b3UgbGltaXQgdGhlIAprZXJuZWwgZm9v dHByaW50ICgibWVtPTI1Nk0iKSBhbmQgZGlzYWJsZSBzdHJpY3RfaW9tZW1fY2hlY2tzIAooInN0 cmljdF9pb21lbV9jaGVja3M9cmVsYXhlZCIpIHlvdSBjYW4ganVzdCBleHRyYWN0IHRoYXQgbWVt b3J5IHZpYSAKL2Rldi9tZW0gaWYgSSBhbSBub3Qgd3JvbmcuCgpTbyBhcyBhbiBhdHRhY2tlciwg bW9kaWZ5IHRoZSAoZ3J1YikgY21kbGluZSB0byAibWVtPTI1Nk0gCnN0cmljdF9pb21lbV9jaGVj a3M9cmVsYXhlZCIsIHJlYm9vdCwgYW5kIHJlYWQgYWxsIG1lbW9yeSB2aWEgL2Rldi9tZW0uIApP ciBsb2FkIGEgc2lnbmVkIGtleGVjIGtlcm5lbCB3aXRoIHRoYXQgY21kbGluZSBhbmQgYm9vdCBp bnRvIGl0LgoKSW50ZXJlc3RpbmcgcHJvYmxlbSA6KQoKLS0gClRoYW5rcywKCkRhdmlkIC8gZGhp bGRlbmIKCgpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXwps aW51eC1hcm0ta2VybmVsIG1haWxpbmcgbGlzdApsaW51eC1hcm0ta2VybmVsQGxpc3RzLmluZnJh ZGVhZC5vcmcKaHR0cDovL2xpc3RzLmluZnJhZGVhZC5vcmcvbWFpbG1hbi9saXN0aW5mby9saW51 eC1hcm0ta2VybmVsCg==