On 9/3/21 12:14 PM, Kirill A. Shutemov wrote: > On Thu, Sep 02, 2021 at 08:33:31PM +0000, Sean Christopherson wrote: >> Would requiring the size to be '0' at F_SEAL_GUEST time solve that problem? > > I guess. Maybe we would need a WRITE_ONCE() on set. I donno. I will look > closer into locking next. We can decisively eliminate this sort of failure by making the switch happen at open time instead of after. For a memfd-like API, this would be straightforward. For a filesystem, it would take a bit more thought.
