Re: [PATCH v5 3/5] mm: introduce memfd_secret system call to create "secret" memory areas

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Mike,


On 9/16/20 12:35 AM, Mike Rapoport wrote:
> From: Mike Rapoport <rppt@xxxxxxxxxxxxx>
> 
> 
> Signed-off-by: Mike Rapoport <rppt@xxxxxxxxxxxxx>
> ---
>  arch/Kconfig                   |   7 +
>  arch/x86/Kconfig               |   1 +
>  include/uapi/linux/magic.h     |   1 +
>  include/uapi/linux/secretmem.h |   8 +
>  kernel/sys_ni.c                |   2 +
>  mm/Kconfig                     |   4 +
>  mm/Makefile                    |   1 +
>  mm/secretmem.c                 | 264 +++++++++++++++++++++++++++++++++
>  8 files changed, 288 insertions(+)
>  create mode 100644 include/uapi/linux/secretmem.h
>  create mode 100644 mm/secretmem.c
> 
> diff --git a/arch/Kconfig b/arch/Kconfig
> index af14a567b493..8d161bd4142d 100644
> --- a/arch/Kconfig
> +++ b/arch/Kconfig
> @@ -975,6 +975,13 @@ config HAVE_SPARSE_SYSCALL_NR
>  config ARCH_HAS_VDSO_DATA
>  	bool
>  
> +config HAVE_SECRETMEM_UNCACHED
> +       bool
> +       help
> +          An architecture can select this if its semantics of non-cached
> +          mappings can be used to prevent speculative loads and it is
> +          useful for secret protection.

Please use tabs instead of spaces for indentation.

> +
>  source "kernel/gcov/Kconfig"
>  
>  source "scripts/gcc-plugins/Kconfig"

> diff --git a/mm/Kconfig b/mm/Kconfig
> index 6c974888f86f..70cfc20d7caa 100644
> --- a/mm/Kconfig
> +++ b/mm/Kconfig
> @@ -868,4 +868,8 @@ config ARCH_HAS_HUGEPD
>  config MAPPING_DIRTY_HELPERS
>          bool
>  
> +config SECRETMEM
> +        def_bool ARCH_HAS_SET_DIRECT_MAP && !EMBEDDED

Use tab above for indentation.

> +	select GENERIC_ALLOCATOR
> +
>  endmenu


thanks.
-- 
~Randy




[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux