On Thu, Sep 17, 2020 at 4:17 PM Burakov, Anatoly <anatoly.bura...@intel.com> wrote: > Anonymous hugepages shouldn't matter, yes, but single-file segments mode > does fallocate() and remove - you have the remove part covered, but i'm > just curious if fallocate() would also cause any issues with SELinux.
I found no hook in the kernel for fallocate + selinux... Looked into fallocate itself and it ends up validating lsm write access on the file. I don't have the full setup atm but since I could truncate and write to it, I'd say we are good. -- David Marchand
