From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 36296C02193 for ; Tue, 4 Feb 2025 18:17:41 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id C374128000D; Tue, 4 Feb 2025 13:17:40 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id BC041280008; Tue, 4 Feb 2025 13:17:40 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id A60B228000D; Tue, 4 Feb 2025 13:17:40 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 8493A280008 for ; Tue, 4 Feb 2025 13:17:40 -0500 (EST) Received: from smtpin02.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id 0C497A0BC9 for ; Tue, 4 Feb 2025 18:17:40 +0000 (UTC) X-FDA: 83083070280.02.9A16212 Received: from sipsolutions.net (s3.sipsolutions.net [168.119.38.16]) by imf06.hostedemail.com (Postfix) with ESMTP id 4EE9C180007 for ; Tue, 4 Feb 2025 18:17:38 +0000 (UTC) Authentication-Results: imf06.hostedemail.com; dkim=pass header.d=sipsolutions.net header.s=mail header.b=Ynus8l2S; dmarc=pass (policy=none) header.from=sipsolutions.net; spf=pass (imf06.hostedemail.com: domain of johannes@sipsolutions.net designates 168.119.38.16 as permitted sender) smtp.mailfrom=johannes@sipsolutions.net ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1738693058; a=rsa-sha256; cv=none; b=W0VIIvQQ8BuR/fWaQ2m01J/DCmqqUK8XNNn4NF+lsxTt+oGQ4oVi0yNY9MkxXvWgZL5VfO /y38RcYiJZh3k87CPiPDtAoIrxtLQBC914g8s1wxqL28VHSTzB1wDlRRzv+cX83Cs7zp+X MN/BPqBlGtWgzgOsuxIe4/nieFxfEn8= ARC-Authentication-Results: i=1; imf06.hostedemail.com; dkim=pass header.d=sipsolutions.net header.s=mail header.b=Ynus8l2S; dmarc=pass (policy=none) header.from=sipsolutions.net; spf=pass (imf06.hostedemail.com: domain of johannes@sipsolutions.net designates 168.119.38.16 as permitted sender) smtp.mailfrom=johannes@sipsolutions.net ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1738693058; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=22HW7+XMxKFHo+/mgAG8vFkQ7pc97tPqNxUhKaWnrMY=; b=SbcRQmek8LTJL2AyMD4n7U8dXLSZdYU3ct1X2XFXPgx9TWUODF1YeexKPKxPaMrWh8hnxe ipJ0F7Z2vrCoWnCQHjRjy9nm18K6wh3pw9EGg640DwS99uZg1OALhpxEHjLPHGvURT/v/Y VQUl7h8zMoM7/0BiLHOmx4zeo0A7nQo= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sipsolutions.net; s=mail; h=MIME-Version:Content-Transfer-Encoding: Content-Type:References:In-Reply-To:Date:To:From:Subject:Message-ID:Sender: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-To: Resent-Cc:Resent-Message-ID; bh=22HW7+XMxKFHo+/mgAG8vFkQ7pc97tPqNxUhKaWnrMY=; t=1738693058; x=1739902658; b=Ynus8l2SU1M8xuK1rQ+4JUf4Jx7vefSMhrSNGYDuhSfbVeQ WadD8Pc5369UuvJojugC3CgmLKdjIf0WCjfTQB4JT57SU6/7uA0hoOwlS3buzoI4gOGRHeN0ev2Ao EjU5bzTSRpfpL6z/YAXY0wG5POWN//IDUHjhZOBEFu+ouYVeiOc1uFaluQgzFAdD0h3Qt4+U+wI97 8NSD2oNUNhpHGjHke0KqjqZhbQrBiAV6Tj7tJq1QjXZ/yEFQhG7YzoVwOVmFNSgD16wxpmJUX8gFV 5+ezjn649CZIDrLiwwiaaayT25b5CT7ek3AqIX/kG5f4WRqCP4em/DmgAOyeZiQA==; Received: by sipsolutions.net with esmtpsa (TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.98) (envelope-from ) id 1tfNUH-00000002sDY-46kF; Tue, 04 Feb 2025 19:17:30 +0100 Message-ID: <553df4d7ddadb0580a2c35fcf8d5b8c3aca69449.camel@sipsolutions.net> Subject: Re: [PATCH v4 1/1] exec: seal system mappings From: Johannes Berg To: "Liam R. Howlett" , Kees Cook , jeffxu@chromium.org, akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, adhemerval.zanella@linaro.org, oleg@redhat.com, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, ojeda@kernel.org, adobriyan@gmail.com, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, hch@lst.de, peterx@redhat.com, hca@linux.ibm.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, Vlastimil Babka , Lorenzo Stoakes , Andrei Vagin , Dmitry Safonov <0x7f454c46@gmail.com>, Mike Rapoport , Alexander Mikhalitsyn Date: Tue, 04 Feb 2025 19:17:28 +0100 In-Reply-To: References: <20241125202021.3684919-1-jeffxu@google.com> <20241125202021.3684919-2-jeffxu@google.com> <202412171248.409B10D@keescook> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.54.3 (3.54.3-1.fc41) MIME-Version: 1.0 X-malware-bazaar: not-scanned X-Rspam-User: X-Rspamd-Server: rspam01 X-Rspamd-Queue-Id: 4EE9C180007 X-Stat-Signature: isneyyk6g7n1qjt19r3381w4o3u4r75y X-HE-Tag: 1738693058-887896 X-HE-Meta: U2FsdGVkX1+BsR2tfc91vmJGw082IkxlXclSt5vZYcZUsPr+sYmp0j1oNVr07ZCJjmtMwrIjM8dGfTlBYJANAt0nTODg5GSD9TDZRD1FxtZpK2P0V5KMcNm4g9K+6FtkIJXntiSrGnvnH1rjVzqGM35Zqp+CRHE0igWZvuabnyW9lS1nX7eSJvT6Gxsb0CIpvn6oH8ySoYoBwQ/8l1uIw8NZmKEFW0w3sqNVtrOsVpSy+3vfTN0v6g7mI0abJaFRpfESLkWraz3/awZ9swMxcwh8fJPiAAJovvFI8sHeO+21JmfzsMbMdkPLoT2QF6YqvaSKXsS1IBAeE++G9R/mFbkJb6pHJaUrn4muMtSze40YKxTxoXzUIN4NhwdsHyKiyYlnbQqNF1Q69ARbotXBRckLmybbcYJdNOp+CM2pqwyMqvEfzP6KDKZDzRGkgR1LbyN1pFp0SHCRhuLKIqJxPmwOzrRWB5O9ZhEJyLmmfxPOsHCkFjXIjjv+uCzsa+MDHgUdrNqkGorxbdCKU+vEd2E9HDdJfnPLPuOPgw1/u7C0UTwB5qSPhgqL/Np1Fx2NbUjlwd4HgafSY84auMvKE8fTfTGPyD2jlvKiekLsrR5vfxaDulIFW/bP2OWIy0jjPAgf1XQ5vd8TNMxWh66qLMCgd1UtZTlALI+m4rzKpVoxHsKOS3qOzykN+uqRJsYbzwhKrGsmO6IRC92YGugN7dgBXirBhzRu2KJyRnjfZFVlUCR7x0tGXn/oNUG8ythAFtryjTN0ATmUK3/2vtgTukvOWCVJmN2BTzliATjhYDrsY83UrWxUCDdNiSL2ivBYrLivLISpUdqzSwATzEGNHXz81pPiJ+MZV0WGUVfc25XzFS5Km6thqcsiaSuoCl2dq2PSZlL4R1rsnhiBozeiyluVKqKXtVckYU9IA9UzsicrqPjZSZ+/rf5B1KbpMQQW1BnUwZM75g6K7uHAvrK oZdJJbqX XhkDi4+DRRY+scXlNeR4/uoWCTWpQpvHtn3gFdvceUCFMpYQP6UQdRZwyhoO0XT3Y7UO2XOmP0+YM51eTGr/YQCegs+HK6w7vnlHC0LILfOhCfJroYv2KTPA8s7K3xrZRcIxRH3Q8/GjOgmMmL9bgpdFPshB4q16zdb98hwG6Dtv6Titp2fXJ4IW6fvwPcInfwADH1/rcn0vaw3rtfbwzHxkdVazgqEP2oKK3vL5+wbD1PXpQFwDG7K7F5LYT1az4rjyb/zRhEGLRvi4gsbmvrixyRpKpigjCMBVRFnXavb+vIjtXzDdbKEI+OIj9a4uPmFn2of44CtPPpQdfq+Kyf6lEJH76BgJYUiap39srxEC6kn3qV6YU4Tmp/vnFY1ko5VF1HNIQD6P5E4Q= X-Bogosity: Ham, tests=bogofilter, spamicity=0.033017, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Fri, 2025-01-03 at 15:48 -0500, Liam R. Howlett wrote: >=20 > So we have at least two userspace uses that this will breaks: checkpoint > restore and now gVisor, but who knows what else? I believe we previously pointed out it might also break running the ARCH=3Dum kernel: https://lore.kernel.org/all/2e5de601da34342d8eb0d8319dcf81ff213c7ef0.camel@= sipsolutions.net/ johannes