From: Kees Cook
Date: Mon, 24 Feb 2025 17:03:41 -0800
To: jeffxu@chromium.org
Cc: akpm@linux-foundation.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, Liam.Howlett@oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com
Subject: Re: [PATCH v7 3/7] mseal, system mappings: enable x86-64
Message-ID: <202502241703.10E2F5926F@keescook>
In-Reply-To: <20250224225246.3712295-4-jeffxu@google.com>
References: <20250224225246.3712295-1-jeffxu@google.com> <20250224225246.3712295-4-jeffxu@google.com>

On Mon, Feb 24, 2025 at 10:52:42PM +0000, jeffxu@chromium.org wrote: > From: Jeff Xu > > Provide support for CONFIG_MSEAL_SYSTEM_MAPPINGS on x86-64, > covering the vdso, vvar, vvar_vclock. > > Production release testing passes on Android and Chrome OS. > > Signed-off-by: Jeff Xu > --- > arch/x86/Kconfig | 1 + > arch/x86/entry/vdso/vma.c | 16 ++++++++++------ > 2 files changed, 11 insertions(+), 6 deletions(-) > > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig > index 87198d957e2f..8fa17032ca46 100644 > --- a/arch/x86/Kconfig > +++ b/arch/x86/Kconfig > @@ -26,6 +26,7 @@ config X86_64 > depends on 64BIT > # Options that are inherently 64-bit kernel only: > select ARCH_HAS_GIGANTIC_PAGE > + select ARCH_HAS_MSEAL_SYSTEM_MAPPINGS > select ARCH_SUPPORTS_INT128 if CC_HAS_INT128 > select ARCH_SUPPORTS_PER_VMA_LOCK > select ARCH_SUPPORTS_HUGE_PFNMAP if TRANSPARENT_HUGEPAGE > diff --git a/arch/x86/entry/vdso/vma.c b/arch/x86/entry/vdso/vma.c > index 39e6efc1a9ca..1b1c009f20a8 100644 > --- a/arch/x86/entry/vdso/vma.c > +++ b/arch/x86/entry/vdso/vma.c > @@ -247,6 +247,7 @@ static int map_vdso(const struct vdso_image *image, unsigned long addr) > struct mm_struct *mm = current->mm; > struct vm_area_struct *vma; > unsigned long text_start; > + unsigned long vm_flags; > int ret = 0; > > if (mmap_write_lock_killable(mm)) 
> @@ -264,11 +265,12 @@ static int map_vdso(const struct vdso_image *image, unsigned long addr) > /* > * MAYWRITE to allow gdb to COW and set breakpoints > */ > + vm_flags = VM_READ|VM_EXEC|VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC; > + vm_flags |= VM_SEALED_SYSMAP; > vma = _install_special_mapping(mm, > text_start, > image->size, > - VM_READ|VM_EXEC| > - VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC, > + vm_flags, > &vdso_mapping); I think these (in all patches) were supposed to be reworked without the "vm_flags" variable addition? -- Kees Cook
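Review bot: on the arch/x86/Kconfig hunk, the new `select ARCH_HAS_MSEAL_SYSTEM_MAPPINGS` sits under `config X86_64` between ARCH_HAS_GIGANTIC_PAGE and ARCH_SUPPORTS_INT128, so it keeps the existing ordering of the selects and only advertises the capability for 64-bit kernels, which matches the subject line; the commit message could state explicitly that 32-bit builds are left without the option, since this hunk selects it nowhere else.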
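Review bot: on the first arch/x86/entry/vdso/vma.c hunk (@@ -247,6 +247,7 @@), the added `unsigned long vm_flags;` local in map_vdso() exists only so that the flags can be built in two statements later; if VM_SEALED_SYSMAP is OR'ed directly into the existing flag expression passed to _install_special_mapping(), this declaration can be dropped and the change shrinks to a one-line edit at the call site, which is what the reply below asks for.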
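Review bot: on the second arch/x86/entry/vdso/vma.c hunk (@@ -264,11 +265,12 @@), `vm_flags |= VM_SEALED_SYSMAP;` is applied unconditionally, so correct behavior with CONFIG_MSEAL_SYSTEM_MAPPINGS disabled rests entirely on VM_SEALED_SYSMAP expanding to 0 in that configuration; nothing in the hunk or the changelog says so, so either state that dependency in the commit message or make the sealing explicitly conditional. Note also that the quoted diff ends at `&vdso_mapping);` while the diffstat reports 10 insertions and 6 deletions in vma.c, so the vvar and vvar_vclock changes named in the commit message are in the trimmed part of the quote and cannot be reviewed from what is shown here.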