----- Original Message -----
> On Tue, Sep 29, 2015 at 06:34:35PM +0200, marcandre.lur...@redhat.com wrote:
> > From: Marc-André Lureau <marcandre.lur...@redhat.com>
> >
> > Add qemu_memfd_alloc/free() helpers.
> >
> > The function helps to allocate and seal a memfd.
> >
> > Signed-off-by: Marc-André Lureau <marcandre.lur...@redhat.com>
> > ---
> > include/qemu/memfd.h | 4 ++++
> > util/memfd.c | 59
> > ++++++++++++++++++++++++++++++++++++++++++++++++++--
> > 2 files changed, 61 insertions(+), 2 deletions(-)
> >
> > diff --git a/include/qemu/memfd.h b/include/qemu/memfd.h
> > index 8b1fe6a..950fb88 100644
> > --- a/include/qemu/memfd.h
> > +++ b/include/qemu/memfd.h
> > @@ -17,4 +17,8 @@
> > #define F_SEAL_WRITE 0x0008 /* prevent writes */
> > #endif
> >
> > +void *qemu_memfd_alloc(const char *name, size_t size, unsigned int seals,
> > + int *fd);
> > +void qemu_memfd_free(void *ptr, size_t size, int fd);
> > +
> > #endif /* QEMU_MEMFD_H */
> > diff --git a/util/memfd.c b/util/memfd.c
> > index a98d57e..3168902 100644
> > --- a/util/memfd.c
> > +++ b/util/memfd.c
> > @@ -27,6 +27,14 @@
> >
> > #include "config-host.h"
> >
> > +#include <glib.h>
> > +#include <glib/gprintf.h>
> > +
> > +#include <stdio.h>
> > +#include <stdlib.h>
> > +#include <fcntl.h>
> > +#include <sys/mman.h>
> > +
> > #include "qemu/memfd.h"
> >
> > #ifdef CONFIG_MEMFD
> > @@ -44,13 +52,60 @@
> > #define MFD_ALLOW_SEALING 0x0002U
> > #endif
> >
> > -static inline int memfd_create(const char *name, unsigned int flags)
> > +static int memfd_create(const char *name, unsigned int flags)
> > {
> > return syscall(__NR_memfd_create, name, flags);
> > }
> > #else /* !LINUX */
> > -static inline int memfd_create(const char *name, unsigned int flags)
> > +static int memfd_create(const char *name, unsigned int flags)
> > {
> > return -1;
> > }
> > #endif
> > +
> > +void *qemu_memfd_alloc(const char *name, size_t size, unsigned int seals,
> > + int *fd)
> > +{
> > + void *ptr;
> > + int mfd;
> > +
> > + *fd = -1;
> > + mfd = memfd_create(name, MFD_ALLOW_SEALING | MFD_CLOEXEC);
> > + if (mfd != -1) {
> > + if (ftruncate(mfd, size) == -1) {
> > + perror("ftruncate");
> > + close(mfd);
> > + return NULL;
> > + }
> > +
> > + if (fcntl(mfd, F_ADD_SEALS, seals) == -1) {
> > + perror("fcntl");
> > + close(mfd);
> > + return NULL;
> > + }
>
> Why do it here? I note that you don't try to do this with the tmpfs
> fallback.
The idea of the helper is to use the best practices of using memfd: sealing,
and provide graceful feedback if not available. Without sealing, there isn't
much benefit over traditional open/mmap. If you want to use memfd differently,
for ex to enforce sealing, then the helper isn't of much use. F_ADD_SEALS
doesn't work on regular open/mmap shared memory, it was added with memfd afaik.
Since some kernel support memfd without sealing, I'll add a fallback for that
case.
>
> > + } else {
> > + perror("memfd");
> > + return NULL;
> > + }
> > +
> > + ptr = mmap(0, size, PROT_READ | PROT_WRITE, MAP_SHARED, mfd, 0);
> > + if (ptr == MAP_FAILED) {
> > + perror("mmap");
> > + close(mfd);
> > + return NULL;
> > + }
> > +
> > + *fd = mfd;
> > + return ptr;
> > +}
> > +
> > +void qemu_memfd_free(void *ptr, size_t size, int fd)
> > +{
> > + if (ptr) {
> > + munmap(ptr, size);
> > + }
> > +
> > + if (fd != -1) {
> > + close(fd);
> > + }
> > +}
> > --
> > 2.4.3
>
