[apparmor] Huge pages mediation class?
Zygmunt Krynicki
me at zygoon.pl
Thu Nov 27 08:35:46 UTC 2025
W dniu 26.11.2025 o 23:58, John Johansen pisze:
> On 11/26/25 02:04, Zygmunt Krynicki wrote:
>> Hello
>>
>> As a part of investigation into issue affecting mmap with MAP_HUGETLB
>> [1], I was thinking if huge pages should have a dedicated mediation
>> class and be handled similarly to how mqueue was recently added.
>>
>
> yes we want to split it off, it could potentially go into its own class
> or potentially share a class with a few other memory operations that we
> want to handle better.
What other operations would go there?
> The trade-off being whether we want to handle them in a separate feature
> abi or not. If we put them in the same class then they need to move
> together
Right
>> In the kernel, `aa_file_perm` function could special case hugetlbfs so
>> that mmap would not end up using odd (possibly disconnected) paths for
>> accessing it.
>>
>> I'd be happy to pick up this work if there is consensus on the general
>> direction. I would need some help with reviews and guidance along the
>> way.
>>
>
> I am not opposed to free work, it should likely use the newer task based
> pattern/operations as a starting point. I need to get those posted.
> Though its probably not going to happen this week.
I'm looking forward to those then.
Best regards
ZK
More information about the AppArmor
mailing list