On 04/09/20 21:41, Matthew Wilcox wrote: > Proposal: http://www.wil.cx/~willy/linux/sileby.html > Start at implementation: > http://git.infradead.org/users/willy/linux.git/shortlog/refs/heads/mshare The main difference between mshare() and this is that we don't want an all-or-nothing thing. Adalbert's introspection thing is rather simple, but what I would like to be able to do (and the reason why I suggested the multi-pidfd approach) is actually a bit more complex: - a parent process creates a range of memory - there are multiple VMs child processes. One of this VM is a primary VM, the others are enclave VMs. VMs are created by the parent process and each VM gets a different view of the memory range through pidfd_mem. - once an enclave VM is created, the primary VM must not be able to access the memory that has been assigned to the enclave VM. If the parent unmaps the memory in the primary VM, the child must SIGBUS when it's accessed. - if memory is removed from a VM and assigned to another, this should not involve any copy at all. For this usecase the range of memory would be backed by hugetlbfs, anonymous memory, VFIO, whatever. Userfaultfd is certainly part of the picture here on the VM side. Having userfaultfd on the parent side would be nice though I don't have a use for it right now. I'm not sure about non-anonymous VMAs. Thanks, Paolo
