From: David Hildenbrand <david@redhat.com>
To: Florent Revest <revest@chromium.org>,
linux-kernel@vger.kernel.org, linux-mm@kvack.org
Cc: akpm@linux-foundation.org, catalin.marinas@arm.com,
anshuman.khandual@arm.com, joey.gouly@arm.com, mhocko@suse.com,
keescook@chromium.org, peterx@redhat.com, izbyshev@ispras.ru,
broonie@kernel.org, szabolcs.nagy@arm.com, kpsingh@kernel.org,
gthelen@google.com, toiwoton@gmail.com
Subject: Re: [PATCH v2 4/5] mm: Add a NO_INHERIT flag to the PR_SET_MDWE prctl
Date: Mon, 22 May 2023 11:01:10 +0200
Message-ID: <7883b08b-6bdc-a214-96a3-3f5bc1d36da4@redhat.com>
In-Reply-To: <20230517150321.2890206-5-revest@chromium.org>
On 17.05.23 17:03, Florent Revest wrote:
> This extends the current PR_SET_MDWE prctl arg with a bit to indicate
> that the process doesn't want MDWE protection to propagate to children.
>
> To implement this no-inherit mode, the tag in current->mm->flags must be
> absent from MMF_INIT_MASK. This means that the encoding for "MDWE but
> without inherit" is different in the prctl than in the mm flags. This
> leads to a bit of bit-mangling in the prctl implementation.
>
> Signed-off-by: Florent Revest <revest@chromium.org>
> ---
> include/linux/sched/coredump.h | 10 ++++++++++
> include/uapi/linux/prctl.h | 1 +
> kernel/fork.c | 2 +-
> kernel/sys.c | 24 +++++++++++++++++++++---
> tools/include/uapi/linux/prctl.h | 1 +
> 5 files changed, 34 insertions(+), 4 deletions(-)
>
> diff --git a/include/linux/sched/coredump.h b/include/linux/sched/coredump.h
> index 0ee96ea7a0e9..11f5e3dacb4e 100644
> --- a/include/linux/sched/coredump.h
> +++ b/include/linux/sched/coredump.h
> @@ -91,4 +91,14 @@ static inline int get_dumpable(struct mm_struct *mm)
> MMF_DISABLE_THP_MASK | MMF_HAS_MDWE_MASK)
>
> #define MMF_VM_MERGE_ANY 29
> +#define MMF_HAS_MDWE_NO_INHERIT 30
> +
> +#define MMF_INIT_FLAGS(flags) ({ \
> + unsigned long new_flags = flags; \
> + if (new_flags & (1UL << MMF_HAS_MDWE_NO_INHERIT)) \
> + new_flags &= ~((1UL << MMF_HAS_MDWE) | \
> + (1UL << MMF_HAS_MDWE_NO_INHERIT)); \
> + new_flags & MMF_INIT_MASK; \
> +})
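Review bot: The statement expression in MMF_INIT_FLAGS declares a local called new_flags and initialises it from the unparenthesised macro argument, so any caller whose argument mentions its own new_flags would expand to "unsigned long new_flags = new_flags;" and read an indeterminate value instead of the caller's flags. A static inline function taking "unsigned long flags" removes that capture hazard and type-checks the argument. The block also has no comment explaining that a set MMF_HAS_MDWE_NO_INHERIT bit clears both MDWE bits before the MMF_INIT_MASK filter, which is the whole mechanism by which the child starts without the protection; a one-line comment above the definition stating that would make the security-relevant behaviour at fork explicit.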
Why the desire for macros here? :)
We have a single user of MMF_INIT_FLAGS, why not inline or use a proper
inline function?
--
Thanks,
David / dhildenb