https://kernelcardistry.com/ Recent content on Kernel Cardistry Blog Hugo en-us https://kernelcardistry.com/posts/secretmem/ Mon, 01 Jan 0001 00:00:00 +0000 https://kernelcardistry.com/posts/secretmem/ <p>Introduced in Linux 5.14, <a href="https://man7.org/linux/man-pages/man2/memfd_secret.2.html"><code>memfd_secret</code></a> is a system call that allows a userspace process to create memory regions inaccessible to anything outside of it &ndash; including the kernel itself. According to the man page:</p> <blockquote> <p><code>memfd_secret()</code> creates an anonymous RAM-based file and returns a file descriptor that refers to it. The memory areas backing the file created with <code>memfd_secret(2)</code> are visible only to the processes that have access to the file descriptor. The memory region is removed from the kernel page tables and only the page tables of the processes holding the file descriptor map the corresponding physical memory.</p>