On 01/27/2014 07:52 PM, H. Peter Anvin wrote: > On 01/27/2014 05:37 PM, John Stultz wrote: >> In the Android case, its important to have this interface to atomically >> provide these unlinked tmpfs fds, because they'd like to avoid having >> tmpfs mounts that are writable by applications (since that creates a >> potential DOS on the system by applications writing random files that >> persist after the process has been killed). It also provides better >> life-cycle management for resources, since as the fds never have named >> links in the filesystem, their resources are automatically cleaned up >> when the last process with the fd dies, and there's no potential races >> between create and unlink with processes being terminated, which avoids >> the need for cleanup management. >> > What about if tmpfs could be restricted to only only O_TMPFILE open()s? > This pretty much amounts to an option to prevent tmpfs from creating > new directory entries. Thanks for reminding me about O_TMPFILE.. I have it on my list to look into how it could be used. As for the O_TMPFILE only tmpfs option, it seems maybe a little clunky to me, but possible. If others think this would be preferred over a new syscall, I'll dig in deeper. thanks -john -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>