On Tue, Dec 04, 2018 at 09:30:20PM -0800, Alison Schofield wrote: > On Tue, Dec 04, 2018 at 10:10:44AM +0100, Peter Zijlstra wrote: > > > + * Encrypted mprotect is only supported on anonymous mappings. > > > + * All VMA's in the requested range must be anonymous. If this > > > + * test fails on any single VMA, the entire mprotect request fails. > > > + */ > > > +bool mem_supports_encryption(struct vm_area_struct *vma, unsigned long end) > > > > That's a 'weird' interface and cannot do what the comment says it should > > do. > > More please? With MKTME, only anonymous memory supports encryption. > Is it the naming that's weird, or you don't see it doing what it says? It's weird because you don't fully speficy the range -- ie. it cannot verify the vma argument. It is also weird because the start and end are not of the same type -- or rather, there is no start at all. So while the comment talks about a range, there is not in fact a range (only the implied @start is somewhere inside @vma). The comment also states all vmas in the range, but again, because of a lack of range specification it cannot verify this statement. Now, I don't necessarily object to the function and its implementation, but that comment is just plain misleading.
