From mboxrd@z Thu Jan 1 00:00:00 1970
From: Randy Dunlap <rdunlap@infradead.org>
To: jeffxu@chromium.org, akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, adhemerval.zanella@linaro.org, oleg@redhat.com
Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, ojeda@kernel.org, adobriyan@gmail.com, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, mike.kravetz@oracle.com, Jason@zx2c4.com, deller@gmx.de, davem@davemloft.net, hch@lst.de, peterx@redhat.com, hca@linux.ibm.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, nathan_lynch@mentor.com, dsafonov@virtuozzo.com, Liam.Howlett@Oracle.com, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, lorenzo.stoakes@oracle.com
Subject: Re: [RFC PATCH v1 1/1] exec: seal system mappings
Date: Mon, 7 Oct 2024 16:42:21 -0700
Message-ID: <24700097-561f-4b81-a45c-e4f7b4b9b853@infradead.org>
In-Reply-To: <20241004163155.3493183-2-jeffxu@google.com>
References: <20241004163155.3493183-1-jeffxu@google.com> <20241004163155.3493183-2-jeffxu@google.com>
Content-Type: text/plain; charset=UTF-8

Hi Jeff,

On 10/4/24 9:31 AM, jeffxu@chromium.org wrote:
> From: Jeff Xu
>
> Seal vdso, vvar, sigpage, uprobes and vsyscall.
> > > Signed-off-by: Jeff Xu > --- > .../admin-guide/kernel-parameters.txt | 9 ++++ > arch/x86/entry/vsyscall/vsyscall_64.c | 9 +++- > fs/exec.c | 53 +++++++++++++++++++ > include/linux/fs.h | 1 + > mm/mmap.c | 1 + > security/Kconfig | 26 +++++++++ > 6 files changed, 97 insertions(+), 2 deletions(-) > > diff --git a/security/Kconfig b/security/Kconfig > index 28e685f53bd1..e289fbb5d676 100644 > --- a/security/Kconfig > +++ b/security/Kconfig > @@ -51,6 +51,32 @@ config PROC_MEM_NO_FORCE > > endchoice > > +choice > + prompt "Seal system mappings" > + default SEAL_SYSTEM_MAPPINGS_NEVER > + help > + Seal system mappings such as vdso, vvar, sigpage, uprobes and > + vsyscall. > + Note: kernel command line exec.seal_system_mappings overwrite this. overwrites > + > +config SEAL_SYSTEM_MAPPINGS_NEVER > + bool "Traditional behavior - not sealed" > + help > + Do not seal system mappings. > + This is default. > + > +config SEAL_SYSTEM_MAPPINGS_ALWAYS > + bool "Always seal system mappings" > + depends on 64BIT > + depends on !CHECKPOINT_RESTORE > + help > + Seal system mappings such as vdso, vvar, sigpage, uprobes and > + vsyscall. > + Note: CHECKPOINT_RESTORE might relocate vdso mapping during restore, > + and remap will fail if the mapping is sealed, therefore > + !CHECKPOINT_RESTORE is added as dependency. > +endchoice > + > config SECURITY > bool "Enable different security models" > depends on SYSFS -- ~Randy
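Review bot: the "depends on !CHECKPOINT_RESTORE" (and "depends on 64BIT") lines on SEAL_SYSTEM_MAPPINGS_ALWAYS only restrict the build-time choice, yet the help text a few lines above states that the exec.seal_system_mappings command line parameter overrides the Kconfig selection; on a kernel built with CHECKPOINT_RESTORE=y the parameter can therefore still turn sealing on at boot and trigger exactly the failing vdso remap the help text warns about. Either make the runtime parameter handling apply the same restriction (refuse or at least warn when CHECKPOINT_RESTORE is enabled), or document the interaction in the kernel-parameters.txt entry so checkpoint/restore users are not surprised. Minor wording in the same hunk: "This is default." should read "This is the default.", and "added as dependency" should read "added as a dependency"; the two-line "Seal system mappings such as vdso, vvar, sigpage, uprobes and vsyscall." help text is also duplicated between the choice and the ALWAYS entry and could be kept in one place.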