From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id C4616C04FF7 for ; Wed, 20 Sep 2023 19:56:23 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 2D31A6B0160; Wed, 20 Sep 2023 15:56:23 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 283766B0170; Wed, 20 Sep 2023 15:56:23 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 14C026B018A; Wed, 20 Sep 2023 15:56:23 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 07CAF6B0160 for ; Wed, 20 Sep 2023 15:56:23 -0400 (EDT) Received: from smtpin21.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay08.hostedemail.com (Postfix) with ESMTP id CEA9B140161 for ; Wed, 20 Sep 2023 19:56:22 +0000 (UTC) X-FDA: 81258032604.21.2066CB0 Received: from mail-pf1-f174.google.com (mail-pf1-f174.google.com [209.85.210.174]) by imf28.hostedemail.com (Postfix) with ESMTP id 06841C0023 for ; Wed, 20 Sep 2023 19:56:20 +0000 (UTC) Authentication-Results: imf28.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=KESt8bTg; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf28.hostedemail.com: domain of revest@chromium.org designates 209.85.210.174 as permitted sender) smtp.mailfrom=revest@chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1695239781; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=7bdO0xz/gxnMyoNh9ci7U8VYkxhPXGCIftSFtRqg4ck=; b=k2u950E8RKvSEpdbHrH5IZeoH3HaGQktdX7a2D++eVUr1Alk6OAjv3YH+OXxYKVpG6TsUF efmL+3ifDGya8Fq1BAuBNXDZ4XMZe6wlM9v60gCdXhRNurijMgVm3g0LbP0z9XAk5H7gU0 9RJ3SA0eEWyHFysatHp/NTKptvQr6Zk= ARC-Authentication-Results: i=1; imf28.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=KESt8bTg; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf28.hostedemail.com: domain of revest@chromium.org designates 209.85.210.174 as permitted sender) smtp.mailfrom=revest@chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1695239781; a=rsa-sha256; cv=none; b=1kwyXNPybf3upL0vbaB+XxYCB2eDeajOTtoD/WZ4OJ7Z9a57ObGUy4/VIFPXiooN3eIPt6 krtRdpHfD5XhGOxT0FYwuGRxEejAERQoujZaUIwirTXrTq29+K34w9q/MdS9cnB6b4XysF Pr4NnofPeHLbmC61Vye3B64u711foDo= Received: by mail-pf1-f174.google.com with SMTP id d2e1a72fcca58-690f7d73a3aso159656b3a.0 for ; Wed, 20 Sep 2023 12:56:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1695239780; x=1695844580; darn=kvack.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=7bdO0xz/gxnMyoNh9ci7U8VYkxhPXGCIftSFtRqg4ck=; b=KESt8bTgJsSw8dIiEMC9SPLQ7ihtiBpIyfa/HCij5q1bgup/af9Bbr1NtmYwAeHFyM A0eu/MV5b9rCFanjK0Z4xpAuN71PZno1v+y8TK8CEpYa1JhQzHWyBUkXqLICvdPPQ4u9 5Rsae6MtpXO05Q/Ch64lfyRLIJkqHQ/lDPgSQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1695239780; x=1695844580; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=7bdO0xz/gxnMyoNh9ci7U8VYkxhPXGCIftSFtRqg4ck=; b=MXZQWrxbRwfSkRUnovkc/cnhG+bPRA6XCUO280VTFnF8jJdRqTOV1fJEKW+lt/JV3r 8nZlDSj5TeJ0sr5DruKWrQNh3YARTL6P/D+6UdpIOGsmOY6/pGWmcWP0SRvQfKZHGzC7 /kecdzVuWReLEww0SgzcE0IZyr/TTEncY6bIlovi+t8VrdVVm/qzPeWADfNpZclDd3Cn aH+wevBi0HNxr9j/8MKny38nTXIbmfQW8OPJBCILs3t6qts0vi2YezZH5hJSO9LiU+Ri +eyRw9WXEYUKHVGL6ewrgbFW/gSRI8f1d8RupvSQLn1t8q7AVKzEzDKiC8V29YItKLon tYfg== X-Gm-Message-State: AOJu0YxyPz2DDzkypSu1LnZ/jfY5zRA5OwOa47fi55PiPQvji1J+gfXV FhU82I5X+7eGrs4LQljxdp+M7oNSzqt0K4FW6xlg7bUANSzdWUnR X-Google-Smtp-Source: AGHT+IG97grYrf1f+1/GPnB+nLQJi0Xuo6U+yKZnrtMxq1kiVmE5PIYdDxz1aL+J+cXXEsuiMZxu4Ya9H8MjXCSPtKg= X-Received: by 2002:a05:6a20:5608:b0:159:ee33:12f with SMTP id ir8-20020a056a20560800b00159ee33012fmr3167396pzc.56.1695239779810; Wed, 20 Sep 2023 12:56:19 -0700 (PDT) MIME-Version: 1.0 References: <20230828150858.393570-1-revest@chromium.org> In-Reply-To: <20230828150858.393570-1-revest@chromium.org> From: Florent Revest Date: Wed, 20 Sep 2023 21:56:08 +0200 Message-ID: Subject: Re: [PATCH v4 0/6] MDWE without inheritance To: linux-kernel@vger.kernel.org, linux-mm@kvack.org Cc: akpm@linux-foundation.org, catalin.marinas@arm.com, anshuman.khandual@arm.com, joey.gouly@arm.com, mhocko@suse.com, keescook@chromium.org, david@redhat.com, peterx@redhat.com, izbyshev@ispras.ru, broonie@kernel.org, szabolcs.nagy@arm.com, kpsingh@kernel.org, gthelen@google.com, toiwoton@gmail.com, ayush.jain3@amd.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspam-User: X-Stat-Signature: ynbfhet43p3wcjby3mes84exyc3i7gjf X-Rspamd-Server: rspam07 X-Rspamd-Queue-Id: 06841C0023 X-HE-Tag: 1695239780-983502 X-HE-Meta: U2FsdGVkX18ZFnwNor6TwcdlOQ1kLg6oRVjRUnVSvBewJFmGbbNHCvibWNwkQSja6ZN89hnogTbKx34z0lU/A/sPmw+DkqEscotHo1EPNbB8oPVA8JBegwtdqAbxTODZu5DNNVEqhgTB4RKCsMsX7Jy00oe9qZFZLxLDK1ZLiJJvM2+zYRUIj9o2eDofnjzIWm+2H/oMdnKeaXK1RIn3AbSmbjmXdBtjhWXeNfvtgoAMWLSBqNtOr7q04Myi7HMKf/4o4UMmVUDpB9qJJ/YzqxZPoMB/6pHA578jo0Pg+6QfDyn+VQDAgKlLblgjQ30kG7yRYyLG89aenB++suBlFHXJ1/8j4VvSBXO/iHqqMsPrL7mUP1se2XhhXc9I/JEvRBNZ15qL9YhzjuVzmuNWJYavXAluSnO3re54BcxWPETnQsG5o9ULJ9h8Z98hnydaudY6oCn1McqEIcoLDq87a5JDLfajtOX2ZIzi61rf9Fr0aNqhK9VVj835CKP6nf6oSAsQodlxJbthQfJ8FKjNfNeJODug7ASfTQuswuDL8rcOzUO7D/xyKeldrRchOEYBt9wLEmfx++T9e+Z0cgWdtNSUVZWBnUrkC6Cd2O7R3SaYhf2fLlaMwfdJSU4+vt+MVb7RJHQ4jpMjI6XO9mUedCJbuECwlmdp7cB20pKmG2dhfs/kMEEDh2yP4ApAqxln3ul55Gi4KvbWdOcaqvfVAoxWBSKIaF5bb+xTcj+NZk0U4LA2lud9j+DiDF8lnSl4eXqx4qQBmcuysGgeX3dlXqHRDfhoxUQLFNSBR59NChSr2gJrEifptueyEJM5oE11c1rhs5/a7Qek+dU0p+HBbIEr59M8q+Zz/1zNGO4RW1mzhI5moiKrkKmIzW4HRko7jpBSqoVkOm5ZNiFwTBBUuFYLYqurfXnH1tzfplzazrJ6oC7lEBl5JEs4AsN6v1r5jgxdP7wKrDeEosm+qxf BGkS0A0U m1oV18apnGkAD4RUuEBxbGXzvF7SerBi5LPtKs9CITK94VXjyuIVWvnz8/ZpKEow3CPvUhn1HmoJioeK8A7h4ZIBAvokcl6bJU+D3+VRNgXd9OVMq3qQjhzOQ4ubF4jI2OeJ7KF4QAMNJkH98BaVR9uE7ox7Il1pH/IPg1A3okqDhoyeIHzfrSlb2C7ZtNjBGnRtWolElm2LkM7TaKasawQcK2Z48mbhUKdvvmkFbTdGCmorpbEr9XlpfaFijZcMitrBsgumsrbytBmnqXA6KVqLyR9HQB9n9WJ0bgQpWorW4W+tky/aR+B8po97UkYQYufzgMLl8MI03UUbs3dp0bB7L6OL1kxzd06Zn X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: It looks like this series got quite a few Reviewed-by now. What should be the next steps to have it merged ? On Mon, Aug 28, 2023 at 5:09=E2=80=AFPM Florent Revest wrote: > > Joey recently introduced a Memory-Deny-Write-Executable (MDWE) prctl whic= h tags > current with a flag that prevents pages that were previously not executab= le from > becoming executable. > This tag always gets inherited by children tasks. (it's in MMF_INIT_MASK) > > At Google, we've been using a somewhat similar downstream patch for a few= years > now. To make the adoption of this feature easier, we've had it support a = mode in > which the W^X flag does not propagate to children. For example, this is h= andy if > a C process which wants W^X protection suspects it could start children > processes that would use a JIT. > > I'd like to align our features with the upstream prctl. This series propo= ses a > new NO_INHERIT flag to the MDWE prctl to make this kind of adoption easie= r. It > sets a different flag in current that is not in MMF_INIT_MASK and which d= oes not > propagate. > > As part of looking into MDWE, I also fixed a couple of things in the MDWE= test. > > This series applies on the mm-everything-2023-08-25-20-06 tag of the mm t= ree: > https://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm.git/ > > Diff since v3: > - Added a bunch of Reviewed-by, Acked-by and Tested-by. Thanks everyone! > - Reworded patch 2's description for clarity > - Removed an unnecessary int cast > - Added test coverage for errnos of invalid prctls (EPERM/EINVAL) > - Added test coverage for can_keep_no_flags and can_keep_both_flags > > Diff since v2: > - Turned the MMF_INIT_FLAGS macro into a mmf_init_flags function as sugge= sted by > David Hildenbrand > - Removed the ability to transition from to PR_MDWE_REFUSE_EXEC_GAIN from > (PR_MDWE_REFUSE_EXEC_GAIN | PR_MDWE_NO_INHERIT) which also significantl= y > simplifies the prctl_set_mdwe logic > - Cc-ed -stable on patch 3 as suggested by Alexey Izbyshev > - Added a handful of Reviewed-by/Acked-by trailers > > Diff since v1: > - MMF_HAS_MDWE_NO_INHERIT clears MMF_HAS_MDWE in the fork path as part of= a > MMF_INIT_FLAGS macro (suggested by Catalin) > - PR_MDWE_* are defined as unsigned long rather than int (suggested by An= drey) > > Florent Revest (6): > kselftest: vm: Fix tabs/spaces inconsistency in the mdwe test > kselftest: vm: Fix mdwe's mmap_FIXED test case > kselftest: vm: Check errnos in mdwe_test > mm: Make PR_MDWE_REFUSE_EXEC_GAIN an unsigned long > mm: Add a NO_INHERIT flag to the PR_SET_MDWE prctl > kselftest: vm: Add tests for no-inherit memory-deny-write-execute > > include/linux/sched/coredump.h | 10 ++ > include/uapi/linux/prctl.h | 3 +- > kernel/fork.c | 2 +- > kernel/sys.c | 32 ++++-- > tools/include/uapi/linux/prctl.h | 3 +- > tools/testing/selftests/mm/mdwe_test.c | 137 ++++++++++++++++++++++--- > 6 files changed, 163 insertions(+), 24 deletions(-) > > -- > 2.42.0.rc2.253.gd59a3bf2b4-goog >