Constrained file descriptors

Johannes Kliemann kliemann at ...543...
Thu Jan 4 09:05:39 CET 2018


Hi Christian,

thanks for that info. We also found memfd_create and came to the same
conclusion that it won't work for our use case.
Since there seems to be no way to constrain /dev/mem as we need we most
probably will implement this functionality by ourselves on the kernel
either through a kernel module or by adding a new custom syscall.

UIO solved this issue but also by creating a small custom kernel module
for each driver what we wanted to prevent in the first place.
Since we now need to change the kernel anyway we won't use UIO because
the kernel also should become as small as possible at some point.

Greets
Johannes

Am 03.01.2018 um 09:45 schrieb Christian Helmuth:
> Hello Johannes,
> 
> On Fri, Dec 29, 2017 at 07:37:39PM +0100, Johannes Kliemann wrote:
>> before Christmas we chatted about enabling the MMIO session on Linux.
>> You said that you know a possibility to create constrained file
>> descriptors (in such a way that accesses through this descriptor can
>> only access a part of the file). I've done a second search but I
>> couldn't find any useful information regarding this topic.
>> Do you have any further, more specific, information about how to achieve
>> this goal?
> 
> I had a chat with Norman and we're not sure if he was referring to
> memfd_create() [1] which, unfortunately, does not solve the issue as
> it only handles anonymous memory. Maybe adding "android" to the
> keywords on your internet search brings up more interesting hits?
> Also, uio has solve this issue too, right?
> 
> [1] http://man7.org/linux/man-pages/man2/memfd_create.2.html
> [2] https://www.kernel.org/doc/html/latest/driver-api/uio-howto.html
> 
> Greets
> 




More information about the users mailing list