From: jeffxu@chromium.org
To: akpm@linux-foundation.org, keescook@chromium.org,
jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz,
lorenzo.stoakes@oracle.com, Liam.Howlett@Oracle.com,
adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com,
benjamin@sipsolutions.net
Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org,
linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com,
hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de,
adobriyan@gmail.com, johannes@sipsolutions.net,
pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org,
anna-maria@linutronix.de, mark.rutland@arm.com,
linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de,
rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com,
f.fainelli@gmail.com, gerg@kernel.org,
dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org,
mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org,
ardb@google.com, enh@google.com, rientjes@google.com,
groeck@chromium.org, mpe@ellerman.id.au,
aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com,
Jeff Xu <jeffxu@chromium.org>
Subject: [RFC PATCH v5 0/7] mseal system mappings
Date: Wed, 12 Feb 2025 03:32:20 +0000 [thread overview]
Message-ID: <20250212033227.1279141-1-jeffxu@google.com> (raw)
From: Jeff Xu <jeffxu@chromium.org>
The commit message in the first patch contains the full description of
this series.
------------------
History:
V5
- Remove kernel cmd line (Lorenzo Stoakes)
- Add test info (Lorenzo Stoakes)
- Add threat model info (Lorenzo Stoakes)
- Fix x86 selftest: test_mremap_vdso
- Restrict code change to ARM64/x86-64/UM arch only.
- Add userprocess.h to include seal_system_mapping().
- Remove sealing vsyscall.
- Split the patch.
V4:
https://lore.kernel.org/all/20241125202021.3684919-1-jeffxu@google.com/
V3:
https://lore.kernel.org/all/20241113191602.3541870-1-jeffxu@google.com/
V2:
https://lore.kernel.org/all/20241014215022.68530-1-jeffxu@google.com/
V1:
https://lore.kernel.org/all/20241004163155.3493183-1-jeffxu@google.com/
Jeff Xu (7):
mseal, system mappings: kernel config and header change
selftests: x86: test_mremap_vdso: skip if vdso is msealed
mseal, system mappings: enable x86-64
mseal, system mappings: enable arm64
mseal, system mappings: enable uml architecture
mseal, system mappings: uprobe mapping
mseal, system mappings: update mseal.rst
Documentation/userspace-api/mseal.rst | 5 +++
arch/arm64/Kconfig | 1 +
arch/arm64/kernel/vdso.c | 23 +++++++----
arch/um/Kconfig | 1 +
arch/x86/Kconfig | 1 +
arch/x86/entry/vdso/vma.c | 17 ++++++---
arch/x86/um/vdso/vma.c | 7 +++-
include/linux/userprocess.h | 18 +++++++++
init/Kconfig | 18 +++++++++
kernel/events/uprobes.c | 6 ++-
security/Kconfig | 18 +++++++++
.../testing/selftests/x86/test_mremap_vdso.c | 38 +++++++++++++++++++
12 files changed, 137 insertions(+), 16 deletions(-)
create mode 100644 include/linux/userprocess.h
--
2.48.1.502.g6dc24dfdaf-goog
next reply other threads:[~2025-02-12 3:32 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-12 3:32 jeffxu [this message]
2025-02-12 3:32 ` [RFC PATCH v5 1/7] mseal, system mappings: kernel config and header change jeffxu
-- strict thread matches above, loose matches on Subject: below --
2025-02-12 3:21 [RFC PATCH v5 0/7] mseal system mappings jeffxu
2025-02-12 11:24 ` Lorenzo Stoakes
2025-02-12 12:37 ` Pedro Falcato
2025-02-12 14:01 ` Lorenzo Stoakes
2025-02-12 14:08 ` Johannes Berg
2025-02-13 19:59 ` Pedro Falcato
2025-02-13 20:47 ` Kees Cook
2025-02-18 23:18 ` Pedro Falcato
2025-02-19 13:46 ` Adhemerval Zanella Netto
2025-02-19 17:17 ` enh
2025-02-23 2:05 ` Jeff Xu
2025-02-12 22:05 ` Kees Cook
2025-02-13 14:20 ` Jeff Xu
2025-02-13 18:35 ` Liam R. Howlett
2025-02-13 19:34 ` Kees Cook
2025-02-13 20:10 ` Liam R. Howlett
2025-02-13 14:19 ` Jeff Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250212033227.1279141-1-jeffxu@google.com \
--to=jeffxu@chromium.org \
--cc=42.hyeyoo@gmail.com \
--cc=Jason@zx2c4.com \
--cc=Liam.Howlett@Oracle.com \
--cc=adhemerval.zanella@linaro.org \
--cc=adobriyan@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=aleksandr.mikhalitsyn@canonical.com \
--cc=anna-maria@linutronix.de \
--cc=ardb@google.com \
--cc=ardb@kernel.org \
--cc=avagin@gmail.com \
--cc=benjamin@sipsolutions.net \
--cc=dave.hansen@linux.intel.com \
--cc=davem@davemloft.net \
--cc=deller@gmx.de \
--cc=enh@google.com \
--cc=f.fainelli@gmail.com \
--cc=gerg@kernel.org \
--cc=groeck@chromium.org \
--cc=hca@linux.ibm.com \
--cc=hch@lst.de \
--cc=jannh@google.com \
--cc=johannes@sipsolutions.net \
--cc=jorgelo@chromium.org \
--cc=keescook@chromium.org \
--cc=linus.walleij@linaro.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lorenzo.stoakes@oracle.com \
--cc=mark.rutland@arm.com \
--cc=mhocko@suse.com \
--cc=mike.rapoport@gmail.com \
--cc=mingo@kernel.org \
--cc=mpe@ellerman.id.au \
--cc=ojeda@kernel.org \
--cc=oleg@redhat.com \
--cc=pedro.falcato@gmail.com \
--cc=peterx@redhat.com \
--cc=peterz@infradead.org \
--cc=rdunlap@infradead.org \
--cc=rientjes@google.com \
--cc=sroettger@google.com \
--cc=thomas.weissschuh@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=vbabka@suse.cz \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox