[1]: https://lore.kernel.org/lkml/20201124164930.GK8537@xxxxxxxxxx/ [2]: https://lore.kernel.org/lkml/20210121122723.3446-11-rppt@xxxxxxxxxx/#t [3]: https://lore.kernel.org/lkml/20201125092208.12544-10-rppt@xxxxxxxxxx/ Link: https://lkml.kernel.org/r/20241001080056.784735-1-roypat@xxxxxxxxxxxx Fixes: 1507f51255c9 ("mm: introduce memfd_secret system call to create "secret" memory areas") Signed-off-by: Patrick Roy <roypat@xxxxxxxxxxxx> Reviewed-by: Mike Rapoport (Microsoft) <rppt@xxxxxxxxxx> Cc: Alexander Graf <graf@xxxxxxxxxx> Cc: David Hildenbrand <david@xxxxxxxxxx> Cc: James Gowans <jgowans@xxxxxxxxxx> Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> --- mm/secretmem.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/mm/secretmem.c~secretmem-disable-memfd_secret-if-arch-cannot-set-direct-map +++ a/mm/secretmem.c @@ -238,7 +238,7 @@ SYSCALL_DEFINE1(memfd_secret, unsigned i /* make sure local flags do not confict with global fcntl.h */ BUILD_BUG_ON(SECRETMEM_FLAGS_MASK & O_CLOEXEC); - if (!secretmem_enable) + if (!secretmem_enable || !can_set_direct_map()) return -ENOSYS; if (flags & ~(SECRETMEM_FLAGS_MASK | O_CLOEXEC)) @@ -280,7 +280,7 @@ static struct file_system_type secretmem static int __init secretmem_init(void) { - if (!secretmem_enable) + if (!secretmem_enable || !can_set_direct_map()) return 0; secretmem_mnt = kern_mount(&secretmem_fs); _ Patches currently in -mm which might be from roypat@xxxxxxxxxxxx are secretmem-disable-memfd_secret-if-arch-cannot-set-direct-map.patch