From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5492CC001B2 for ; Thu, 8 Dec 2022 20:56:01 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id A2CB98E0003; Thu, 8 Dec 2022 15:56:00 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 9DC188E0001; Thu, 8 Dec 2022 15:56:00 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 8F2258E0003; Thu, 8 Dec 2022 15:56:00 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 80F708E0001 for ; Thu, 8 Dec 2022 15:56:00 -0500 (EST) Received: from smtpin06.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id 534E1C0319 for ; Thu, 8 Dec 2022 20:56:00 +0000 (UTC) X-FDA: 80220346080.06.C7D1FEC Received: from mail-pg1-f172.google.com (mail-pg1-f172.google.com [209.85.215.172]) by imf30.hostedemail.com (Postfix) with ESMTP id A5FB68001A for ; Thu, 8 Dec 2022 20:55:57 +0000 (UTC) Authentication-Results: imf30.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=WGDXl+n8; spf=pass (imf30.hostedemail.com: domain of keescook@chromium.org designates 209.85.215.172 as permitted sender) smtp.mailfrom=keescook@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1670532957; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=NJg0tjf49GVzZZXYJm/ESQ/vYejcTaVis8L45uiNSHA=; b=yyAsCeXb8IHcJsjdk6r6KD8iex/YbjCwhlbKGlh4Hqi4YLR5g/XpdHaTN1AoxgkIgi/iHv ZzdQBvQJ0GEtWgOr9xiPZkZ5dmy7t70YRLHd17XYsncl+JSu9DJBKHi8jrI/zwkEP1AbqS 095IVEJBpz7tVKg79dHoMSV+8Ac0d5E= ARC-Authentication-Results: i=1; imf30.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=WGDXl+n8; spf=pass (imf30.hostedemail.com: domain of keescook@chromium.org designates 209.85.215.172 as permitted sender) smtp.mailfrom=keescook@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1670532957; a=rsa-sha256; cv=none; b=4lyZ8Zb/TFJ8Y+d4pUVmyH/342AJyrpNvGHfSg4NPcblzVEHiF92fdksheyJ/gs8VhLI3w +/PTAXHq5y7xwo9b/5MT7jMsMX8W+Iy3TwtS9oLihyLITr8fhvDYRUh2MJcLE+7kiTbwHh EINCbdjKef3H10etFIJQWodrDpOT4rE= Received: by mail-pg1-f172.google.com with SMTP id 82so2181603pgc.0 for ; Thu, 08 Dec 2022 12:55:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=NJg0tjf49GVzZZXYJm/ESQ/vYejcTaVis8L45uiNSHA=; b=WGDXl+n8K/dWeZKeldPrcD/v5Zbw4izCFegv/+gHVqJz5fo4i63IakbdgfDk32UOJ0 K7CA6axewHrdePgh+eO1x8V+20MgZoSmeS/R+OUwnzbSv5HurnxALTfCXtREO7ppxxNa U6LdFtKTrAAZMCV9qJ/PEyYe9JUYQMujpcuIg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=NJg0tjf49GVzZZXYJm/ESQ/vYejcTaVis8L45uiNSHA=; b=JDStcqjWwBmJelDbRSh63VB5CWKhmJJ6Cr4AvYgdAXD5C3xeLaUU9D2WnS5rgvA19t LBkBsNvuuxDOm6wRdITSEx7AlvgbsPtxWCtaMt0W5ZfxmLlA5D6PCC3LcbGphM5ohFDC axw3SWP9t0AvEhvMopC73YNDm2U6Wqk/rAt95hZPHuoba/FARLFn0Zt3uCBQw5J6+E7I ydtn1zTqmQvd5291mfiRW9Uxkb4pLU2GaMpK4ulz4PHEYJhupDdyQn9j2K8naL9btFFC rzi5HBfUv1i6U2ZUNcKk6o7fnaL2s2KJLnGzdMzH6XoDGkVqnNUCkanhuw2qXSz5N00Y gC1w== X-Gm-Message-State: ANoB5pnHTq9QCdM6XY4QkHQKKgPv4o9GNYxVidv6VjRq+hV1WTIYRLRj X3DymQaYFqvqLrj9tO7zkPoOhg== X-Google-Smtp-Source: AA0mqf4zdrgHUuOag7wMXflhe99eH3jKylHoxnM8ECvbLmGYxFdavLPXAx42+E9rBdvD3R4pu3TLog== X-Received: by 2002:a62:e219:0:b0:577:5678:bc80 with SMTP id a25-20020a62e219000000b005775678bc80mr9602372pfi.62.1670532956522; Thu, 08 Dec 2022 12:55:56 -0800 (PST) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id a7-20020aa78e87000000b005764c8f8f07sm12310108pfr.84.2022.12.08.12.55.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 08 Dec 2022 12:55:56 -0800 (PST) Date: Thu, 8 Dec 2022 12:55:55 -0800 From: Kees Cook To: Jeff Xu Cc: jeffxu@chromium.org, skhan@linuxfoundation.org, akpm@linux-foundation.org, dmitry.torokhov@gmail.com, dverkamp@chromium.org, hughd@google.com, jorgelo@chromium.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-mm@kvack.org, jannh@google.com, linux-hardening@vger.kernel.org Subject: Re: [PATCH v6 0/6] mm/memfd: introduce MFD_NOEXEC_SEAL and MFD_EXEC Message-ID: <202212081255.22D92C5@keescook> References: <20221207154939.2532830-1-jeffxu@google.com> <202212080809.687CC8BC23@keescook> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Stat-Signature: zbfsdrpred95yzhhzbuktmqqahgsq5mp X-Rspam-User: X-Rspamd-Queue-Id: A5FB68001A X-Rspamd-Server: rspam06 X-HE-Tag: 1670532957-610620 X-HE-Meta: U2FsdGVkX18MfCj/MylNVxCjA3G0An+OnrBzWtVfrRgothzUDQcOa0n3WtarZLCF1rhUeZI1HAUC2x8JgtO3nTcM2fKTt8RVDZ+j7st4t5lOeQnEAIpFWVwud8NrkRCHgR4rIUiWZAYGdg0xkzpnYPSit3Kn8gTG8sXhpXuuSq9+CH+ytoPHpjIOImAaX0pBWv6tjPf9+RfpYp5UMw5arhjAmF5SgaTTES1kkNjpiBLuCtI++leDZj5B0H/5yZ8li1oxpC0uGiYNRqUW16Hlavhqu0sfe32HwH2ezS7+pTDWYdbQy078Zfel04TkRrXkenQnBq+5IFhanu4+K4t2jB0i2R2UssAUZWXP/ml4bRBU7ViXibhYmw6RHzXlVPr909uILNW+CsqoEijvGIOJMvpdSnqSXyKaFwO5SEIbAPTRcGYlwfzLZShcL7pDQHZoSZzJcqrZ846Ajfsu7vy1+gy45nvwDo0zs9gNGsi2qeTbiML0NuQBFEuPlrB3nqTZeyjUgFrRxv23uts6iPMJ13tKiusoKK5OUjIY9ToW9/8xs2q3eMd5aXsz8y66vQtizqTqq6pW3eP2h5LkR55YrQZnuT5CNif8g7ZMja1s2X8rvcR+xt7TR8rF88d7c87mLBRYEYKXMfLa4Wg8JM1EXCE5gBO/vSf0nQbuYpPrXdPQFF4qRvk26Qv1Izm1thUToDY2MvMLau+hQm6xZJJfh2wyE0sI/RBlUMk7+PoI6ifVhTr9W7OqGCnDbeGj5LcbbZ4f5+i1YRCYXHKmEgzSffdr9RIl/fq1CkjYRmkiRJiaP62cB3lC+tfG37eSmCl9BXBkuhHdnPTjaFgwmyFkeJrfexM0Lp+49QESHsCzfNj4NtvuAo3rZFf+DD17HtAriHg5p9KqMdxZmYKIVYLvWCuitJiUUhoKXXfAVeSmQ/6Qq4fALtfs5nvpGvMqmpBS2DYrZbCmsiDT/Yk5xA+ QbA0KrDr 7Wbsw0HdvrnyK1M2AowVIGT2aPeJtfUbq8ul/wSyyXKoDD2DjwVa85T4XVVs5qXwmQwGyPwlEsLZiLjDRDL431FdrQwOBdZjUbFDul3XyZcQH3W4AuPw7YFdLedORH7Xm/sBbwD5yKk7m2CDwFZdsTCX4Nxtjy/8YNJm66mI8gycAkkV/5oOAu1QidyJNXIpWUuI+oSFjcpcCjsRCeyO0U8ndGw== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Thu, Dec 08, 2022 at 10:33:19AM -0800, Jeff Xu wrote: > On Thu, Dec 8, 2022 at 8:13 AM Kees Cook wrote: > > > > On Wed, Dec 07, 2022 at 03:49:33PM +0000, jeffxu@chromium.org wrote: > > > This is V6 version of patch: see [4] [5] [6] [7] for previous versions. > > > > When sending a new version, can you include an overview of what changed > > between this version and the prior version? This helps reviewers who are > > following along, so it's easier to focus our attention on the > > differences. Also, it's helpful to version the links: > > > > > [4] https://lwn.net/Articles/890096/ > > > [5] https://lore.kernel.org/lkml/20220805222126.142525-1-jeffxu@google.com/ > > > [6] https://lore.kernel.org/lkml/20221202013404.163143-1-jeffxu@google.com/ > > > [7] https://lore.kernel.org/lkml/20221206152358.1966099-1-jeffxu@google.com/ > > > > e.g.: > > > > v6: > > - moved foo to bar > > - improve comments for baz > > v5: https://lore.kernel.org/lkml/20221206152358.1966099-1-jeffxu@google.com/ > > v3: https://lore.kernel.org/lkml/20221202013404.163143-1-jeffxu@google.com/ > > v2: ...etc > > > Will do! > Much appreciated for helping me through the process of my first patch > in the kernel. Happy to help! I'm excited to see this gap in memfd security closed. :) -- Kees Cook