From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5C25FC282D0 for ; Wed, 5 Mar 2025 02:17:37 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 936896B0093; Tue, 4 Mar 2025 21:17:32 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 8EEB06B0095; Tue, 4 Mar 2025 21:17:32 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 7349B6B0096; Tue, 4 Mar 2025 21:17:32 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 528346B0093 for ; Tue, 4 Mar 2025 21:17:32 -0500 (EST) Received: from smtpin27.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id EC659A536E for ; Wed, 5 Mar 2025 02:17:31 +0000 (UTC) X-FDA: 83185885902.27.67E4C06 Received: from mail-ed1-f54.google.com (mail-ed1-f54.google.com [209.85.208.54]) by imf28.hostedemail.com (Postfix) with ESMTP id 16E7FC0006 for ; Wed, 5 Mar 2025 02:17:29 +0000 (UTC) Authentication-Results: imf28.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b="Dv/4vohv"; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf28.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.208.54 as permitted sender) smtp.mailfrom=jeffxu@chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1741141050; a=rsa-sha256; cv=none; b=lDQEEMtz77nOJR0lkbGkxSuCdzjs/KkXcUUiScdlwMcCH5FLydl/akbuGDpWeAkjs++M/z /EzNkOg+RZi90gz5rTLubqMt+F2lduO8PnacSjWGgUsGekqTgNhlTGwzkn1LOZJTeOgAji tLAidJVd5mIFK5gmpHMaQGOnIn5nnwY= ARC-Authentication-Results: i=1; imf28.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b="Dv/4vohv"; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf28.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.208.54 as permitted sender) smtp.mailfrom=jeffxu@chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1741141050; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=2GUuWdJKxZ3/BvY94DN0LEqc9J/B6h1FHzMtAHgZb/M=; b=EuTGK0xz6dRtvvXm2X8AdTyZb2FsSVZVNf8BGUPyBy2acaN1P3LC2xrbBYOi53tVmcQYKy UK+MOrwc3xT+beIVfZOqMT29yJD3xQHwJJW+Rz/yHiFa8H1UtaBE4vuErO0uUWliJgdcgI xMVy0umZDSLtbI3LlZ+t0T46ISNPf3I= Received: by mail-ed1-f54.google.com with SMTP id 4fb4d7f45d1cf-5dbf5fb2c39so762397a12.2 for ; Tue, 04 Mar 2025 18:17:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1741141049; x=1741745849; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=2GUuWdJKxZ3/BvY94DN0LEqc9J/B6h1FHzMtAHgZb/M=; b=Dv/4vohvpx/UolG7nEM6tHuXl9CxyPX1SpcUnMz2k5Cem4aQxERpynNgozdSniG5MC sLPx/o7gV7B7lxk9bpO0aVI+0kk4phAxaNx8UbKx1czDbX4EYi9vanqLH0kW/NaylLNo UiS2tmEbKRas6u1tZ96x7BItKTvj1BCnEgM9k= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741141049; x=1741745849; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=2GUuWdJKxZ3/BvY94DN0LEqc9J/B6h1FHzMtAHgZb/M=; b=sPrBsAIC95EcvxVuvuTc3llOmWKFBT3tQq7p8+9A/7/5Qk3U4XmTizWzHI803Z6aTe tRhMcOHbJCJPoRh+Geu+c1XkBqlvwalEsjvGJ2axl+zV18/lceDLjRGe2fkV1T8b2oZU gJqsqwHUdxgmkHQaiGcVRLNPBXzD43mj2IwHd57qXz3XjqKikeAw7j1eWrgHEHzo4NLN 8aH5WoOojdKZu6gsHlmJ5AOAqEBJwPVwvF2SVyGWDYTSsWZfyLdXBe/DdTaI+9U5AEnD /piFdzAQRFH4XIYCgDB2JEBwVC7vMj4wyTK/zciUrpKVqS6pCzaZA+4AFgHOv5jCarmC +WHQ== X-Forwarded-Encrypted: i=1; AJvYcCXHrrRCdowG0158Ci2+Z7vRScZoDa/G2PEBC9qT0rF3rp+jjQ+P0AdmWppI1fFLmLy3DDur/gPN1w==@kvack.org X-Gm-Message-State: AOJu0YydUMtgBai75N80KPjwlmJIZCLEG6/397EwyF5BhO6fpZSppvZL iCK5A/dEbyvQYYdTEIBYdbz7flvwWbg7ecKStToArJdYSIlmsvWJ2v1JXqShsg== X-Gm-Gg: ASbGncvucAqU2HCw1pNze31DBtKvc1ShOzJaGK9N96wLKx2Pf6eRwFeRCfjC9sKY08n MskS3XDNeT6Dqnbx+UXFTuGrJkOi1ZqAkboASV6HPlEnMVsbc5roSadRKZAYVdakm2ZuExk5T7P xxO2bxZW3Zpcd8dD+S+zX4CFjfPspDwxHh9Cs+WdtOzVwIFZNZjj0jxDevoeDigmzISV11CDzLv T1d1HW6l4Z4QuLN+BK5CQGUU205Oa5TDNeNOyGOt1Xng/dXuiX5S4u16O49zY/QJFd1sdAHcKxX cycqacWRCQUdr0rU4QQOYRVeJSGsUYOFoSHVyB+Rw3t5CRK5Il4cV6zHTay2ZJ4dzd0SOdzsEtM J X-Google-Smtp-Source: AGHT+IES9/6N/5toY1Cf9aspTXKgI3/7p+xl7igipg0af9FRFEO+OX7pUZ04JGOESjzxfe8IxQnMgQ== X-Received: by 2002:a05:6402:51d4:b0:5de:cb8d:1c82 with SMTP id 4fb4d7f45d1cf-5e59f3a84f8mr383796a12.4.1741141048576; Tue, 04 Mar 2025 18:17:28 -0800 (PST) Received: from cfish.c.googlers.com.com (40.162.204.35.bc.googleusercontent.com. [35.204.162.40]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5e4c43a55besm8891211a12.72.2025.03.04.18.17.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Mar 2025 18:17:27 -0800 (PST) From: jeffxu@chromium.org To: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, Liam.Howlett@Oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, linux-kselftest@vger.kernel.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com, Jeff Xu , "Liam R. Howlett" , Kees Cook Subject: [PATCH v9 5/7] mseal sysmap: uprobe mapping Date: Wed, 5 Mar 2025 02:17:09 +0000 Message-ID: <20250305021711.3867874-6-jeffxu@google.com> X-Mailer: git-send-email 2.48.1.711.g2feabab25a-goog In-Reply-To: <20250305021711.3867874-1-jeffxu@google.com> References: <20250305021711.3867874-1-jeffxu@google.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 16E7FC0006 X-Stat-Signature: ogxe7dmnt9tsscjteh4sh4m8naraj79j X-Rspam-User: X-Rspamd-Server: rspam05 X-HE-Tag: 1741141049-649779 X-HE-Meta: U2FsdGVkX1/rJgX63Nr3c5Hd9FRy4ei4Sz86rS7bvDUsVdbhp5GL8Vo+P0lkv+7KCYrgGEJ/AIMhxy/ZQzzGHRBaONbUH28GAkvOHY57dDUlUBUW36OGbIpHIYSAIk3FQF/4nWjfqOobtPLH1uuUdAcIwAtenw4tcYevzXZ7+2EKf0rO+L1Za9XS3z01orLCWuX4ouK4hmNcbR3BGYME+xBjuv3MHvf2+PIfOls6U/9BFzkYuGHJP8ZGgjVhBsJltD6yRpq4nr0s6Rhu0xXrsgB9QiXhVMQ4hrgjJmaDdd+tJ8oJOhyKN6Cpdpmh11n1Q8xXovchCYe4AbebRA1u8yOWg2Wlu0jwQ3pcGvfku3ROilqdU3TuFw0FozGlPUHeTMy0slCFXxVUOhM3fjiyFdgYcve4LpqrWcKBHFKvfbjFokS9OIyThRgaioKwfYsUTrmr3sGmjK8T/QB0jxbxTcxVfprbStc0SxjqO4dn7our34f/vwsujcQ1kAjxk4Snz5bCQFJo7YiaYHMU48XBxofPjaXXm2aS2yLwn4Y8Uj0Wvp1CjB5hXClFafzregk9sMLjbNOqUgw/P3mx8Sj8wPqNEQCAYccJ9vB5GxbVeGGjO4X2uoOlpM3omEhqI17mZEM24hR0TSwKz3XUwYNny9T3FuCSdRf6Wyhl5Qzk/dggFoOZMi/Z80qsuDLf4w9/5J+B2PRqLmvYPQUFL8tPqQAb2btwskUZakMZpPRJJa0eHuVtCG3HlXDORU8buYbP1RTXXt0CpVAoPKevHyS9p02zrI3WlmwuandmdflvBISY2qzmpum9/nR8mpxa0vY5CwkEBIcrL5qPDjK5rCP2mkfZUpkLsy+VVYeC0e/jTeyMdx1CSM89mH7ZSFNhOZNYXg02zgF1D0q+Iei6s/tWnLVS+/TxsQvfqTfUDtjiHJtUNTsiN5Cs+FgEyzYo8Q3YCNvU/vYp8r6lhsTNXqU /QDTzE1i r/8dGi3qjn1NvOqZIXI/yMfFnpnbANxNLZqjsoBVhNWo2Q3wIPNzZiCqdmeYn5fSIq40oCg2qmj9rwAKK2jy7QCWf53ydwdyiV0E/K3+HUbJqfGyzzrsUu7R+YdlzX5yUfSRXXXNYXKj4MsS8k7N+yNyZgkjC5GvrWkBwkauhl1y9zRpnv+WuEJT3KKo0zB+G5XWt+hWRPXDgdZlyGkRcYM5cfqJqs6sB8KZGoF7mFr1JJmy8MN6l3Di3JnidL4ZQWSDqjErwW0jQDzfVWGYfYopyShgqFe6DRLJ2DNxErHbSwXgG45zH12+gXMW0fQZKBuf41pN73H+UMUelJ/nwruPyxmEsb+M6km7k6qq0kHZaE0SgPUxL12KsMAGPlCzU3pDlaSyEQXa/tvYkDcCrsUlcEBmso4U+io0/vnG+E5uYn/qKPMIb0lMFTg== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Jeff Xu Provide support to mseal the uprobe mapping. Unlike other system mappings, the uprobe mapping is not established during program startup. However, its lifetime is the same as the process's lifetime. It could be sealed from creation. Test was done with perf tool, and observe the uprobe mapping is sealed. Signed-off-by: Jeff Xu Reviewed-by: Oleg Nesterov Reviewed-by: Lorenzo Stoakes Reviewed-by: Liam R. Howlett Reviewed-by: Kees Cook --- kernel/events/uprobes.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c index bf2a87a0a378..98632bc47216 100644 --- a/kernel/events/uprobes.c +++ b/kernel/events/uprobes.c @@ -1683,7 +1683,8 @@ static int xol_add_vma(struct mm_struct *mm, struct xol_area *area) } vma = _install_special_mapping(mm, area->vaddr, PAGE_SIZE, - VM_EXEC|VM_MAYEXEC|VM_DONTCOPY|VM_IO, + VM_EXEC|VM_MAYEXEC|VM_DONTCOPY|VM_IO| + VM_SEALED_SYSMAP, &xol_mapping); if (IS_ERR(vma)) { ret = PTR_ERR(vma); -- 2.48.1.711.g2feabab25a-goog