linux-api.vger.kernel.org archive mirror
* [PATCH -manpage 0/2] Document memfd F_SEAL_FUTURE_WRITE seal
@ 2019-01-13  0:14 Joel Fernandes
  2019-01-13  0:14 ` [PATCH -manpage 1/2] fcntl.2: Update manpage with new " Joel Fernandes
  2019-01-13  0:14 ` [PATCH -manpage 2/2] memfd_create.2: " Joel Fernandes
  0 siblings, 2 replies; 3+ messages in thread
From: Joel Fernandes @ 2019-01-13  0:14 UTC (permalink / raw)
  To: linux-kernel, mtk.manpages
  Cc: Joel Fernandes, Andrew Morton, Andy Lutomirski, dancol,
	Hugh Dickins, Jann Horn, John Stultz, linux-api, linux-man,
	linux-mm, marcandre.lureau, Matthew Wilcox, Mike Kravetz,
	Shuah Khan, Stephen Rothwell

Hello,

These manpages correspond to the following kernel patches:
https://lore.kernel.org/patchwork/patch/1031550/
https://lore.kernel.org/patchwork/patch/1031551/

This is just a resend with no changes from last time.

Joel Fernandes (Google) (2):
fcntl.2: Update manpage with new memfd F_SEAL_FUTURE_WRITE seal
memfd_create.2: Update manpage with new memfd F_SEAL_FUTURE_WRITE seal

man2/fcntl.2        | 15 +++++++++++++++
man2/memfd_create.2 | 15 ++++++++++++++-
2 files changed, 29 insertions(+), 1 deletion(-)

--
2.20.1.97.g81188d93c3-goog


* [PATCH -manpage 1/2] fcntl.2: Update manpage with new memfd F_SEAL_FUTURE_WRITE seal
  2019-01-13  0:14 [PATCH -manpage 0/2] Document memfd F_SEAL_FUTURE_WRITE seal Joel Fernandes
@ 2019-01-13  0:14 ` Joel Fernandes
  2019-01-13  0:14 ` [PATCH -manpage 2/2] memfd_create.2: " Joel Fernandes
  1 sibling, 0 replies; 3+ messages in thread
From: Joel Fernandes @ 2019-01-13  0:14 UTC (permalink / raw)
  To: linux-kernel, mtk.manpages
  Cc: Joel Fernandes (Google),
	Andrew Morton, Andy Lutomirski, dancol, Hugh Dickins, Jann Horn,
	John Stultz, linux-api, linux-man, linux-mm, marcandre.lureau,
	Matthew Wilcox, Mike Kravetz, Shuah Khan, Stephen Rothwell

From: "Joel Fernandes (Google)" <joel@joelfernandes.org>

More details of the seal can be found in the LKML patch:
https://lore.kernel.org/lkml/20181120052137.74317-1-joel@joelfernandes.org/T/#t

Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org>
---
 man2/fcntl.2 | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/man2/fcntl.2 b/man2/fcntl.2
index 03533d65b..54772f949 100644
--- a/man2/fcntl.2
+++ b/man2/fcntl.2
@@ -1525,6 +1525,21 @@ Furthermore, if there are any asynchronous I/O operations
 .RB ( io_submit (2))
 pending on the file,
 all outstanding writes will be discarded.
+.TP
+.BR F_SEAL_FUTURE_WRITE
+If this seal is set, the contents of the file can be modified only from
+existing writeable mappings that were created prior to the seal being set.
+Any attempt to create a new writeable mapping on the memfd via
+.BR mmap (2)
+will fail with
+.BR EPERM.
+Also any attempts to write to the memfd via
+.BR write (2)
+will fail with
+.BR EPERM.
+This is useful in situations where existing writable mapped regions need to be
+kept intact while preventing any future writes. For example, to share a
+read-only memory buffer to other processes that only the sender can write to.
 .\"
 .SS File read/write hints
 Write lifetime hints can be used to inform the kernel about the relative
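Review bot: the new F_SEAL_FUTURE_WRITE entry does not say in which kernel version the seal became available, so a reader cannot tell whether the EPERM behaviour described here applies to their system; add a "(since Linux x.y)" annotation next to the tag line once the version is known. On formatting, `.BR EPERM.` (both occurrences) puts the period in bold; `.BR EPERM .` keeps it in roman, and the single-argument `.BR F_SEAL_FUTURE_WRITE` can be plain `.B`. The paragraph mixes "writeable" and "writable"; pick one spelling. The last sentence is ambiguous about what "that only the sender can write to" modifies; something like "to share a buffer that other processes can only read, while the sender keeps its writable mapping" would be clearer.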
-- 
2.20.1.97.g81188d93c3-goog


* [PATCH -manpage 2/2] memfd_create.2: Update manpage with new memfd F_SEAL_FUTURE_WRITE seal
  2019-01-13  0:14 [PATCH -manpage 0/2] Document memfd F_SEAL_FUTURE_WRITE seal Joel Fernandes
  2019-01-13  0:14 ` [PATCH -manpage 1/2] fcntl.2: Update manpage with new " Joel Fernandes
@ 2019-01-13  0:14 ` Joel Fernandes
  1 sibling, 0 replies; 3+ messages in thread
From: Joel Fernandes @ 2019-01-13  0:14 UTC (permalink / raw)
  To: linux-kernel, mtk.manpages
  Cc: Joel Fernandes (Google),
	Andrew Morton, Andy Lutomirski, dancol, Hugh Dickins, Jann Horn,
	John Stultz, linux-api, linux-man, linux-mm, marcandre.lureau,
	Matthew Wilcox, Mike Kravetz, Shuah Khan, Stephen Rothwell

From: "Joel Fernandes (Google)" <joel@joelfernandes.org>

More details of the seal can be found in the LKML patch:
https://lore.kernel.org/lkml/20181120052137.74317-1-joel@joelfernandes.org/T/#t

Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org>
---
 man2/memfd_create.2 | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/man2/memfd_create.2 b/man2/memfd_create.2
index 3cd392d1b..fce2bf8d0 100644
--- a/man2/memfd_create.2
+++ b/man2/memfd_create.2
@@ -280,7 +280,15 @@ in order to restrict further modifications on the file.
 (If placing the seal
 .BR F_SEAL_WRITE ,
 then it will be necessary to first unmap the shared writable mapping
-created in the previous step.)
+created in the previous step. Otherwise, behavior similar to
+.BR F_SEAL_WRITE
+can be achieved, by using
+.BR F_SEAL_FUTURE_WRITE
+which will prevent future writes via
+.BR mmap (2)
+and
+.BR write (2)
+from succeeding, while keeping existing shared writable mappings).
 .IP 4.
 A second process obtains a file descriptor for the
 .BR tmpfs (5)
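Review bot: "prevent future writes via mmap(2) and write(2)" in the added sentence is looser than the fcntl.2 text in patch 1/2, which says that creating a new writeable mapping fails with EPERM; writes through a mapping that already exists still succeed, which is the whole point of the seal. Suggest wording it the same way in both pages, e.g. "which prevents new writable mappings via mmap(2) and writes via write(2), while keeping existing shared writable mappings". Smaller points in the same lines: "Otherwise" reads as "if you do not unmap", where "Alternatively" is what is meant; the comma in "can be achieved, by using" should go; the original ended "step.)" with the period inside the parenthesis and the new text ends "mappings)." with it outside; and the single-argument `.BR F_SEAL_WRITE` and `.BR F_SEAL_FUTURE_WRITE` lines should be `.B` (or `.BR F_SEAL_WRITE ,` style with the punctuation as the second argument).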
@@ -425,6 +433,7 @@ main(int argc, char *argv[])
         fprintf(stderr, "\\t\\tg \- F_SEAL_GROW\\n");
         fprintf(stderr, "\\t\\ts \- F_SEAL_SHRINK\\n");
         fprintf(stderr, "\\t\\tw \- F_SEAL_WRITE\\n");
+        fprintf(stderr, "\\t\\tW \- F_SEAL_FUTURE_WRITE\\n");
         fprintf(stderr, "\\t\\tS \- F_SEAL_SEAL\\n");
         exit(EXIT_FAILURE);
     }
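Review bot: the added usage line distinguishes the new seal from F_SEAL_WRITE only by the case of the letter (`w` versus `W`), which is easy to mistype in a seals argument that sets a write restriction on shared memory. Consider a more distinct letter, or at least a short hint in the usage text that `W` leaves existing writable mappings in place while `w` does not.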
@@ -463,6 +472,8 @@ main(int argc, char *argv[])
             seals |= F_SEAL_SHRINK;
         if (strchr(seals_arg, \(aqw\(aq) != NULL)
             seals |= F_SEAL_WRITE;
+        if (strchr(seals_arg, \(aqW\(aq) != NULL)
+            seals |= F_SEAL_FUTURE_WRITE;
         if (strchr(seals_arg, \(aqS\(aq) != NULL)
             seals |= F_SEAL_SEAL;
 
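Review bot: F_SEAL_FUTURE_WRITE is used unconditionally in the added `seals |= F_SEAL_FUTURE_WRITE;` line and the patch adds no fallback definition, so the example program only builds where the included headers already provide the constant. Either add an `#ifndef F_SEAL_FUTURE_WRITE` guard near the top of the example or state the minimum header/kernel version in the page. Also note that the `strchr` checks are independent, so a seals argument containing both `w` and `W` requests F_SEAL_WRITE and F_SEAL_FUTURE_WRITE together; the surrounding text presents them as alternatives, so it is worth saying what a reader should expect from that combination.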
@@ -518,6 +529,8 @@ main(int argc, char *argv[])
         printf(" GROW");
     if (seals & F_SEAL_WRITE)
         printf(" WRITE");
+    if (seals & F_SEAL_FUTURE_WRITE)
+        printf(" FUTURE_WRITE");
     if (seals & F_SEAL_SHRINK)
         printf(" SHRINK");
     printf("\\n");
-- 
2.20.1.97.g81188d93c3-goog
