On Wed, Mar 19, 2014 at 11:06 PM, David Herrmann dh.herrmann@gmail.com wrote:
memfd_create() is similar to mmap(MAP_ANON), but returns a file-descriptor that you can pass to mmap(). It explicitly allows sealing and avoids any connection to user-visible mount-points. Thus, it's not subject to quotas on mounted file-systems, but can be used like malloc()'ed memory, but with a file-descriptor to it.
memfd_create() does not create a front-FD, but instead returns the raw shmem file, so calls like ftruncate() can be used. Also calls like fstat() will return proper information and mark the file as regular file. Sealing is explicitly supported on memfds.
Compared to O_TMPFILE, it does not require a tmpfs mount-point and is not subject to quotas and alike.
Instead of adding new syscall we can extend existing openat() a little bit more:
openat(AT_FDSHM, "name", O_TMPFILE | O_RDWR, 0666)