From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id C12B1C7EE23 for ; Tue, 16 May 2023 20:07:43 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 59A2E900003; Tue, 16 May 2023 16:07:43 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 54A8B900002; Tue, 16 May 2023 16:07:43 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 439EF900003; Tue, 16 May 2023 16:07:43 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 398CD900002 for ; Tue, 16 May 2023 16:07:43 -0400 (EDT) Received: from smtpin29.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id ECD3D1A03F7 for ; Tue, 16 May 2023 20:07:42 +0000 (UTC) X-FDA: 80797203564.29.CB2A034 Received: from mail-pl1-f180.google.com (mail-pl1-f180.google.com [209.85.214.180]) by imf23.hostedemail.com (Postfix) with ESMTP id 1DAED140017 for ; Tue, 16 May 2023 20:07:40 +0000 (UTC) Authentication-Results: imf23.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=n+n0N1x1; spf=pass (imf23.hostedemail.com: domain of keescook@chromium.org designates 209.85.214.180 as permitted sender) smtp.mailfrom=keescook@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1684267661; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=5yK4aZqvfgO0WJ8XP2YQsUwZXdAoZzrxUjN80rlLt4Q=; b=Pb/xUhevDbAqLlbwD7O74efrL9K0oYFMmYzJgd2vTZvkzRs5cGACO5JQSGa7ZwpyarNgV+ ImvwWBvhfcRUt9Wa5YGJNQF0pp5cDIXtsd82lIYPjgohW3pwrny4VbttaTF6X27u+73Nan Ff679SC7qGoaCm60CpmbL0UihA6ufJg= ARC-Authentication-Results: i=1; imf23.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=n+n0N1x1; spf=pass (imf23.hostedemail.com: domain of keescook@chromium.org designates 209.85.214.180 as permitted sender) smtp.mailfrom=keescook@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1684267661; a=rsa-sha256; cv=none; b=WvV3evEyIuT2cCjj71UkGMoT8tTmL2pbDLW+xpZBhh1tkDPfGxLSOk7jaT7XEd6Puvif2O tsf0w/yOKr9mTpRUSPWGJA+iawAntcFyEUiIHEYC6U5+NGFxl2JHflYtcQe81/+Rd0ZPi2 T5vO2tPFjGwz6PierpJ/4Al0l0HKrwo= Received: by mail-pl1-f180.google.com with SMTP id d9443c01a7336-1ae4c5e1388so874185ad.1 for ; Tue, 16 May 2023 13:07:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1684267660; x=1686859660; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=5yK4aZqvfgO0WJ8XP2YQsUwZXdAoZzrxUjN80rlLt4Q=; b=n+n0N1x1kTOQTXTYpkicsApchyuKJU6rIqOVr/nfeik1SxnFwCdYu5J+Ma2kGNR592 GmeMv+aGpBEWPX5873vshFxa6mCp2oj/97to3/3iWUtqRKhDbg7Z+FErMibpYj5M7orE WEN8nXBaRrWCplSX+wTveuOU4SzH9b4zVDJwk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1684267660; x=1686859660; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=5yK4aZqvfgO0WJ8XP2YQsUwZXdAoZzrxUjN80rlLt4Q=; b=PxqVofqMwYHEsoDIQFfftoLN1AWblGRVjGaIsW2YuBBpHWBdqFdiijfFZrhqf8QZ8K EdaLRaqMhDuUHEAPKAZy4/+7JJybrF8vD0M/DglpUF4/jDmkoXd6EHI1mt3CWUT6eIym YXNymIxjDc8wrTC32ZLblEmEs2Wbi/4PK3MN9o8dMzH3y9N+DX5+OVxQ2pGqZorx7vO+ URBk1RuJNxDI+FL54AJLvYHGG6MO3BYUJOG6IXrGGiQaw49MKrxTm1fOocahMoWoNxRo yXkwcW9rxoagFC0owBLG/LLYXV1piXiW6kv7zXuu8aQE4ENCrJUbwucuzbWQQ1bHqwGt RHxA== X-Gm-Message-State: AC+VfDxTwd5FhsLQvhc5l9RUPUNUA5p9QZ2hV9fXdd1z1vU98HmgsQez 0chRFXybfBQ1h6ZP//YG5VQbmA== X-Google-Smtp-Source: ACHHUZ7u3rq8Nf3VNgH0qCDY5XXjRFg4nCnp6SRHMGYOyrcJwgfTQx+Kt2i9J0Ln1vx5tmCauEmMxQ== X-Received: by 2002:a17:902:cec8:b0:1ad:c736:2090 with SMTP id d8-20020a170902cec800b001adc7362090mr24149254plg.3.1684267659998; Tue, 16 May 2023 13:07:39 -0700 (PDT) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id g7-20020a170902868700b001a64c4023aesm15911708plo.36.2023.05.16.13.07.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 16 May 2023 13:07:39 -0700 (PDT) Date: Tue, 16 May 2023 13:07:39 -0700 From: Kees Cook To: jeffxu@chromium.org Cc: dave.hansen@intel.com, luto@kernel.org, jorgelo@chromium.org, groeck@chromium.org, jannh@google.com, sroettger@google.com, akpm@linux-foundation.org, jeffxu@google.com, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-mm@kvack.org, linux-hardening@vger.kernel.org Subject: Re: [PATCH 3/6] PKEY: Apply PKEY_ENFORCE_API to mprotect Message-ID: <202305161307.77B29D261@keescook> References: <20230515130553.2311248-1-jeffxu@chromium.org> <20230515130553.2311248-4-jeffxu@chromium.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20230515130553.2311248-4-jeffxu@chromium.org> X-Rspam-User: X-Rspamd-Server: rspam01 X-Rspamd-Queue-Id: 1DAED140017 X-Stat-Signature: ggeg65kjsb1zchqkn38n1dh6ci9ywmce X-HE-Tag: 1684267660-550972 X-HE-Meta: U2FsdGVkX185r3GNxSHNqv1Cl46ef6EN6UX1q/+YJJDNiPyQdxIJV66BWF0fnYIfTUouyN4H7ouZlOuprhQB6HyVd98MvbASuNhoiaBJd3J4r5kmVFfc67lv5bKyFp5QSvjceSpMASo7/OTyPjpdFGE9H9Odiw2YsqK+Km0PjVJWG8/AqC9WV6Uo9q2boU2FDhE8yqOxXrZSIEH3jgsx94KMM5aKMZTToaTrdlKJ1WJx6RPQRs1qrUZB0hV8qPz7GPsGuA56+RfuJ+eU50QYE8EoyT0Lty6e2LDwJXtNx9w62JSLgwY02Sxn6b4Rom/xpR5rmtPC1ZS5GAt8QvZFo9BkTbB4M7+dlpGORTNrhQU7EGRkIn3+OeBWQXZRKoEGn7i1PabjSGJ5AGxekfVIuFVwlSkYvunDPfSnkNV3jvJvikR8MgGcGYoXHAwUSDjPSewxnQj5TKnp8VRXJE+iDDFksVXRl8TZhO9608tTAjIDeuzUGLYykBl5/9rXM+lX7DVfmA0t9hMDW/T6UQiSLcR/HZMyefddp8ZKya6LiCFZRmd2IFNJNcJAFDrESJ18aCkurmiOl+DAaZ3UyFzkKxF0/0kqAy8THzr0cyucsfS+/qgLnWPvV00fr8DFmGki68MQ6/KAriCNGtx/0/FPYRhESUpfROnvwG7X0gw+HyXctUABQNNwb0QwNMgFaaNJgjX2HTC5SYQxSPJ9Q4YCZex2Sbr5oBSXxmajMjNz+Ch4AkLTB0Drc/Bsjd1+1lpRcEDQscyduuEJfdnEU17HpKdjftsERug+yUNJPbj7x7ceI6yvBSvioJAtYb+xqNLI4kF2/znfuMqP6zvjz+qafnA2T32j6Fo2G/fP2TRRdq2gq+F63XtrzFD6So5MgTnP0vgl6l5af3tXgQ7E1QFd2yJ5zmVUh/2Li9IugvQcBwZibWq+aXiMxFYaigDfGm3scGwSwqkibOC4RfeSiv6 UrcQcFss c26t6m+R+omtNeqg2PdFjAhtmfXAPNnsEGS2Oc1auBMNChDuoazfcFRh03fucu4MHY4t8GwgWnFwO7HLjYJP19gvYKjrQtOFTfctWWDk7moZKsphZGb3B0tJ1VOdlKiX+uJMb3mVsOPdBzGuV7JMOGAgu9dW8RWvlWMEPBmH0/UjGXCKQWC7EBDngaBj4P+czT0M/UjTMC97Juq84mrbaLHOxRMIF290VLvYSl8y1Y45smmnl2Sba9s/Vqu8BqEgovBdb723FihPXwa+yuJoWmyypWKIo5e5YBMyldYlidmi7cGTTFCePXnHDPPO1gRkEv5uU2TGNf1BYkqV3iIaAMwyvsNO9Vm7n4gAcg1/8vp3XDwQbmeIMm290zW67T9H0PB9avQ0eqwKzil+vNOu3ASMeDLpm+RA3mJlnNnn7SFrRt6gxpHV4kdLivt9t2OaHvRJC2lzpxagvYPV4VELTZVrk1yOY6GnMQpAETm7EMArX5qZSzvJKSbtjbNJamXfYAglt X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Mon, May 15, 2023 at 01:05:49PM +0000, jeffxu@chromium.org wrote: > From: Jeff Xu > > This patch enables PKEY_ENFORCE_API for the mprotect and > mprotect_pkey syscalls. All callers are from userspace -- this change looks like a no-op? -Kees -- Kees Cook