On Tue, Oct 29, 2019 at 10:12:04AM +0000, Christopher Lameter wrote: > > > On Tue, 29 Oct 2019, Mike Rapoport wrote: > > > I've talked with Thomas yesterday and he suggested something similar: > > > > When the MAP_EXCLUSIVE request comes for the first time, we allocate a huge > > page for it and then use this page as a pool of 4K pages for subsequent > > requests. Once this huge page is full we allocate a new one and append it > > to the pool. When all the 4K pages that comprise the huge page are freed > > the huge page is collapsed. > > Or write a device driver that allows you to mmap a secure area and avoid > all core kernel modifications? > > /dev/securemem or so? A device driver will need to remove the secure area from the direct map and then we back to square one. > It may exist already. > -- Sincerely yours, Mike.
