On Mon, Jun 13, 2022 at 02:55:40PM -0700, Andrew Morton wrote: > On Wed, 1 Jun 2022 14:09:47 -0700 Axel Rasmussen <axelrasmussen@xxxxxxxxxx> wrote: > > > To achieve this, add a /dev/userfaultfd misc device. This device > > provides an alternative to the userfaultfd(2) syscall for the creation > > of new userfaultfds. The idea is, any userfaultfds created this way will > > be able to handle kernel faults, without the caller having any special > > capabilities. Access to this mechanism is instead restricted using e.g. > > standard filesystem permissions. > > The use of a /dev node isn't pretty. Why can't this be done by > tweaking sys_userfaultfd() or by adding a sys_userfaultfd2()? > > Peter, will you be completing review of this patchset? Sorry to not have reviewed it proactively.. I think it's because I never had a good picture/understanding of what should be the best security model for uffd, meanwhile I am (it seems) just seeing more and more ways to "provide a safer uffd" by different people using different ways.. and I never had time (and probably capability too..) to figure out the correct approach if not to accept all options provided. I think I'll just assume the whole thing is acked already from you generally, then I'll read at least the implementation before the end of tomorrow. Thanks, -- Peter Xu
