From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1051CC02183 for ; Thu, 16 Jan 2025 19:45:02 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 9A8CB6B0082; Thu, 16 Jan 2025 14:45:01 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 957036B0083; Thu, 16 Jan 2025 14:45:01 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 81F8B6B0085; Thu, 16 Jan 2025 14:45:01 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 641EE6B0082 for ; Thu, 16 Jan 2025 14:45:01 -0500 (EST) Received: from smtpin14.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 939201C83FE for ; Thu, 16 Jan 2025 19:45:00 +0000 (UTC) X-FDA: 83014343160.14.8F1F18E Received: from nyc.source.kernel.org (nyc.source.kernel.org [147.75.193.91]) by imf27.hostedemail.com (Postfix) with ESMTP id 09E5040003 for ; Thu, 16 Jan 2025 19:44:58 +0000 (UTC) Authentication-Results: imf27.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b="a1phd/oy"; spf=pass (imf27.hostedemail.com: domain of kees@kernel.org designates 147.75.193.91 as permitted sender) smtp.mailfrom=kees@kernel.org; dmarc=pass (policy=quarantine) header.from=kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1737056699; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=ydQMnQRWbUAlPYbZAvSqYfc47+GmrZR9kgrWdtGAduY=; b=fb4iXpOeWsUS1d7hi4deWhgV2pPwpBlxKmw0DOQYZBwxPje1wWUU+t5Nq7fwcwlsp7hKH3 hFVzZbuv6QnXd1tGw0/93n4Aqfq0/PfBfpu1MwHvmD2smgtQvD00wl0/ZipVIEf8nozm8k YDqzenw3xisynIK5KcvwOQr4DY0V2i4= ARC-Authentication-Results: i=1; imf27.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b="a1phd/oy"; spf=pass (imf27.hostedemail.com: domain of kees@kernel.org designates 147.75.193.91 as permitted sender) smtp.mailfrom=kees@kernel.org; dmarc=pass (policy=quarantine) header.from=kernel.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1737056699; a=rsa-sha256; cv=none; b=i7Z9cy3np2axZ14DjW1SS0Mrqeq6D2FSayQ01jXv4Fx0intMqplgs6vktjxBoL0czFSOFV GToRrsSCqAEhV+fQruOLulJMx1lguUuJZ/FQ83hVX8N8UMiKKd1AwhIFUj/wjQxclL7EoA xezcYr1KLtDh7TPlC+iCvlTHeDsVTvs= Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by nyc.source.kernel.org (Postfix) with ESMTP id 71F7EA4277E; Thu, 16 Jan 2025 19:43:10 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id C30A5C4CED6; Thu, 16 Jan 2025 19:44:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1737056697; bh=TEcInxXqaWQt2rTOxvGzHMAPLNcnkyzDnNrvv/XTaRg=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=a1phd/oyfXGx+f1iN3ieRDZSgWJvrTkIJupTdJAbOo07OKZJ+/FLjEmTBZtaBWj2a 2OBLnhtezAFnkL17d/XZlOJKEHBYaEZ7nDYS/SX7k3xu5S4uRi+TcpDU1P7EMhO3Hk fnMfi5exQu7WjcuQLj2T1VJ875vCMcVMru16s8KnZUk2i+BSUHoJ3C/OZYefz2+ra8 pzfUQb9x80VfmMHjBNk4Tc9S/mADK0RB0h6DFYbBSseLXOBpcUArTN8t+gqS5LlPBT apEPSCPASWUxpLTrzffIS0cvqQ9Mn2K6lUS2jom1rLyhogbf46Kzbb+4MBby1CeExQ uPx7ht5rQRW5g== Date: Thu, 16 Jan 2025 11:44:54 -0800 From: Kees Cook To: Lorenzo Stoakes Cc: Jeff Xu , akpm@linux-foundation.org, jannh@google.com, torvalds@linux-foundation.org, adhemerval.zanella@linaro.org, oleg@redhat.com, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, ojeda@kernel.org, adobriyan@gmail.com, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, hch@lst.de, peterx@redhat.com, hca@linux.ibm.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, Liam.Howlett@oracle.com, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, Vlastimil Babka , Andrei Vagin , Dmitry Safonov <0x7f454c46@gmail.com>, Mike Rapoport , Alexander Mikhalitsyn , Benjamin Berg Subject: Re: [PATCH v4 1/1] exec: seal system mappings Message-ID: <202501161142.FBA5CDA116@keescook> References: <20241125202021.3684919-1-jeffxu@google.com> <20241125202021.3684919-2-jeffxu@google.com> <202412171248.409B10D@keescook> <202501061647.6C8F34CB1A@keescook> <5cf1601b-70c3-45bb-81ef-416d89c415c2@lucifer.local> <202501151538.3E757401@keescook> <84c6a105-4486-4bae-bbd3-787a4566c143@lucifer.local> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <84c6a105-4486-4bae-bbd3-787a4566c143@lucifer.local> X-Rspamd-Queue-Id: 09E5040003 X-Rspam-User: X-Rspamd-Server: rspam11 X-Stat-Signature: 8yk7abj3gixzxqgkaf13gya1achm7kmk X-HE-Tag: 1737056698-519388 X-HE-Meta: U2FsdGVkX1+61cj4NQYU6JlQLGaH8LF6GupwSG4s3KVGiSKjD3zllUxrnRpvgtJ5ZXFPsFx/BZGHHHoNiq3ghueLiRAI18RN8l8SO0T9GDX0POqik4dOtnxkrCalqLlj9sikG6ljtGKWObl1uPu/rcQ4G1UIAHE/GmJgCwKLRP0o2+Ydhf9GaM+4wO5fGOASNiqjmQbGW6fnZ5UjVkQblQOZwlBkgUGZwv+WXRhGj6S1WVPUzG5jUFDXFhUGkSGmO+O8CIshpfpyH8O4jTJppGR1+IZGE4dZnviEOWaDC9m/CK3AacWGCmn9PEsr5DdGugMN2/u9H5zhv6UBqKMtO9KRX/2z2vuAQzE1kW6y+yHwRQqtS1dLU0aojCF+A/OYICw1E1TJCqMEq6+9ezjporXjHv2wHpNRrz8ORYicP636pYB/7EekolSnrcAmild8E2CAQXPXg1vBC0z9pbcu/cdcXM/mlNGMogTbFcN3cjWTpGUPK0qOUfk2MCwQ5bFMVhx8KzDomtmoRVvmlw6R94jun3WYw7QeYnSOdZvzCpDi7LiMFFgRHdrCAXNTURbQcLQmdO2AxW4xbqIbmj3IeZeSVDlebCaQmQjqZdzUS0JaHeO+JDQ1ygVwXi1yHpceAoL0zH4KPTQ7nwfKUOhTfPD65N9jYBLabsm1nzzd4aCRRkpLRFeCxyjS3aYOdH+7sWhTwcvXcVTeAD1+0FDHdd3WlXUphdLUD0IBwRovvAwX7LUjK7ylWNLD0rsnT+nmjPW4NFKtIz+qFErI6jlbzhOJW/3peggbqfeMeH8iqxZC9cCrTnbFV3krborLb63pPKXW/8mBDGXxYvnPAdHzMpgos9p63KgEuGkNdHX4Mnmh6uM9/DsVV38NvQhQedn/swgcUWAC+hFQqrCH5qkC+dISWOJSTyZfJyc/SgP7ZB2b3n0KzFdRUE9eV+Y2jAlcu5Zy+eZba3KGw6eXRRZ Zz1qDEdf 2wBz0JXM27BtuuegTiwATBeltuKNqqSst8HNIV5QQYomGOj2T2sSwQKKiBNb6JFsWQfaSOFDk2KpF5SbYb21xksaw1Cimrv1VsS1hSeSYdZIOwQvnYzPxnpFj+iLZ9xq6f0BYq+1mzb3etMXeYwOpi+rHHjyBq12fwbloNJLiLCO4ZTv+nOJzV4ivVK6YBAyUcLhPGPSJHwjPsXIz1CRp6+4+2burj5MhsxombtiQmjM3c3xntCKJCoCtrVZfZnT7QrZOAMzIBE6dxIpsuqOgaqhtedo55mVsnYRBePl7WPPX8PEKF7JfL69Gm3S9KO26epwN X-Bogosity: Ham, tests=bogofilter, spamicity=0.001050, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Thu, Jan 16, 2025 at 03:34:40PM +0000, Lorenzo Stoakes wrote: > This was originally addressed with config flags, but then boot options were > provided which completely overrode this. > [...] > Again, I have no objection to a version of this series which explicitly > disallows known-broken scenarios. Okay, thanks. Honestly, it will motivate me to finally make CRIU a boot param too. I'd like to run distro kernels but keep CRIU fully disabled (it provides some "extra" introspection of seccomp filters that feels wrong to me, but is needed for CRIU -- but I don't use CRIU...) -- Kees Cook