From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7E2B4C021A4 for ; Mon, 24 Feb 2025 19:33:59 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 1242028000D; Mon, 24 Feb 2025 14:33:59 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 0AD7428000A; Mon, 24 Feb 2025 14:33:59 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id E67E528000D; Mon, 24 Feb 2025 14:33:58 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id C6A2A28000A for ; Mon, 24 Feb 2025 14:33:58 -0500 (EST) Received: from smtpin27.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 3FAE481BFE for ; Mon, 24 Feb 2025 19:33:58 +0000 (UTC) X-FDA: 83155838556.27.255A885 Received: from mail-ot1-f54.google.com (mail-ot1-f54.google.com [209.85.210.54]) by imf11.hostedemail.com (Postfix) with ESMTP id 3DF4740019 for ; Mon, 24 Feb 2025 19:33:56 +0000 (UTC) Authentication-Results: imf11.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=KfyrQYYC; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf11.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.210.54 as permitted sender) smtp.mailfrom=jeffxu@chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1740425636; a=rsa-sha256; cv=none; b=F6+AsK9YjqUc8QuKr+MDVHegT7fimJC1yXVQkJbgpCIBQyOPSAnWze2a/8VI0RGvow9Vzz +sPjxBstKAw/9yVxCK1DW8Yp45lFTTDMlFTf5LYVb498JZkR1nhlmzinRq+JkGfcoErlIF +rOZcVve+xJJ5WvtUQ+X5yDzl5L3iag= ARC-Authentication-Results: i=1; imf11.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=KfyrQYYC; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf11.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.210.54 as permitted sender) smtp.mailfrom=jeffxu@chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1740425636; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=hnjUGFbaBrwW6kAgXcvKtRWxmUU2D5hodPgXl1k5G+U=; b=eKlNVUjibvxhc6JrRF8G6TYEXgkZaea2kEI04RmkQV88bFqQGiI8Knbu+iC2eNo7hV7kfX ZWWrtvZ9EQZLQ9abN/CungQcE6iCE1a41CeKIyVvCM2N5dHdLP0QO7pxkubcJmW+xkVAjO Ymbh6kugowl4LROxoW+2Vv3QY+7rSgA= Received: by mail-ot1-f54.google.com with SMTP id 46e09a7af769-7272a4b685eso820415a34.0 for ; Mon, 24 Feb 2025 11:33:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1740425635; x=1741030435; darn=kvack.org; h=content-transfer-encoding:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=hnjUGFbaBrwW6kAgXcvKtRWxmUU2D5hodPgXl1k5G+U=; b=KfyrQYYC7qjTanVIADelRMQ+Ma9Mo0qY7/OkzWunFeCao00Ru3GATgBzYM1SYEFthd 58j1THMpmgysh4+NK4n9bR3zfbWL5aiVxqwavBFf/08qL3CO589cpASumXrHLEUZ0wcJ 2tAch9Mozw7Hhoa89ue/9188iIXkIGDKbjiLU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740425635; x=1741030435; h=content-transfer-encoding:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=hnjUGFbaBrwW6kAgXcvKtRWxmUU2D5hodPgXl1k5G+U=; b=DoU81gFTW36nFNXr7mYSRFz+xQ3nghu7imHARuQBWDuGNO70+yvM/0v4ZECnrNV69l dRRpf3WStyfX0EX1DClDsb4Cj6R9XhYPhfLGA7v+8E/zlQW+tNptDQz+/zRzeq+1I+o0 u1t1BWeca+OdDec36yIceSsvMER/D9mRxVAZtPbaLIWSMeqBBxFaLA4/Ko4HsXBkzr3u SWmViOCsRStRxEQisSTGaP9Ad0PrXLQYG9zOnMe2jPxsV7Bm3/SZSVallLuawofU0ZzC zhHj3VJlz3ik/H8oHnTWULL0AcDBCErTBOX54ZZy+XICR72Pb1Nnu4VkOFl06ufvgYPD IIoA== X-Forwarded-Encrypted: i=1; AJvYcCWnrzTMtDLjnkS06C5uopQkMGuGAOnkaPpJGc73DZqMP30kPNHhCgKKx/14RDtJPlQx1dmA87P8mA==@kvack.org X-Gm-Message-State: AOJu0YxmDzFKYQY9qAphpzlJNsn/yOMus6QlsSsWPfcrwIllCos5hHhb 0Hl52jT2fOw5fRFrNiFU061O08EoRa4kwiExcEx60fiPVuq10fU9yFm2Z+gv5sfZvjj232zmZ// 6Nj4BhHx5Ql+XYBXC3nl3it466zd9Wccu3kTs X-Gm-Gg: ASbGncvmMRQtg9IdqAlE/mXj97s0k/IzPmr7UIP+t8RtGiwi0lUCZNKm8wQN6v3Lrdl Mnv3STgdu9+4e580TEkmFA7B5s+6+CB4vIkQybc2Ljh4v4sxQyGOgT2kguZTG6rGddr7wY5sTEs IDeVdzdpQYhQ6zoDlzsAL0O+qrO5MSVUjhb3Ii X-Google-Smtp-Source: AGHT+IECBfDc8bF342UbaverJqxNJi+02rwQZrqufXUbn5FURGsu+d5N6F2sRjUe0EB4G3TUt2ZhKvacRWuj2clyLAY= X-Received: by 2002:a05:6870:6284:b0:29e:32e7:5f0d with SMTP id 586e51a60fabf-2bd50f74b8fmr3955851fac.10.1740425635255; Mon, 24 Feb 2025 11:33:55 -0800 (PST) MIME-Version: 1.0 References: <20250224174513.3600914-1-jeffxu@google.com> <20250224174513.3600914-2-jeffxu@google.com> <443992d7-f694-4e46-b120-545350a5d598@intel.com> <385e1498-2444-4a7a-a1b0-0013b0b8fd68@intel.com> <202502241053.1FF33D5B0@keescook> In-Reply-To: From: Jeff Xu Date: Mon, 24 Feb 2025 11:33:44 -0800 X-Gm-Features: AWEUYZnp8EKxv3yJ29ShfwTeO42iLw8jApAg8SH2LEssheFiIXEtzkDSr3kDQfc Message-ID: Subject: Re: [PATCH v6 1/7] mseal, system mappings: kernel config and header change To: "Liam R. Howlett" , Jeff Xu , Kees Cook , Dave Hansen , akpm@linux-foundation.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspam-User: X-Rspamd-Queue-Id: 3DF4740019 X-Rspamd-Server: rspam12 X-Stat-Signature: fpxd6e873c1e4x9nuda9dw8gnbfubgmg X-HE-Tag: 1740425636-89629 X-HE-Meta: U2FsdGVkX18LYcNwc4+0VUe3dE9zs8Ux/hw234lNS9n1QzNEtZ2+8gBNCO3WJmePYQ9ewUe3PVRUZUkbqG9hGbO9Tfi2Yw3WFkZbDfnGMFpKJuOtBmu3Einws8+moo3NqgE2RD9enE0qRH4MuyKcQzb3jpwpuktVxoaUUMQ3+jmTXejqMoO1qYQPb0nuttjzrTy35BoxK2GozLZlVaRuacIhBRCUTYRlQfto8bKcy5QuYAe20mzhsa8PwU7SEVT9U5keuEhjHBDe4VcYv4djV3M/+XerEMUdELJ8ApsKi4s51MjlSzBK0UxIcQsVHcPRzjqVECYQB95jm8fQch3ybyzjYV0YDrLawW5r65FBtDDLS4gIZlnlAKPQ4Iq+iXkOByo/IuGlWg0YFxAgFR7GflnJnPKqRE3/tNBBlpzpZp3IpCzqocJ2idQn/EFgPQsMM2Gql5tCAf34J99AfpDFlvPIeia9bkj/rg1qtVeBQO/CBxInqpz5A1qISzx4I/9XEb1lFvu0KS5woAApO/KrdGuKCw/livJEfUfWin/YKNb57SGj4I1vh+dc4T/9TqM5kOaUazYT5tvOeT5xW29+xtkEq7W7fOJtKAWAgerJkuApTlf2mrQyfrazAXMcLKW0llBFu86SG5+l6fIXNbVU9meTSYzc9hjoFhPfHoNkj6oQeiSNc3dtDGU5oS2bewHefMTN085CTBVRnuTsZtWw0YhgfgmLoY9hdzK0hDSPeXq6EkQhN3sb6Kef1yWDgTgk0cVMv229UGeIqceE3yKmrTb17rjXLUIlAtQgFxJmMeIagnliVeocOuWj8vz8iwQZN8Fm2bUtnvsizl4lUyxoC+d6aZTt7aRVcV9HUIUmUDk4SLh5PNxc82snYZIReXH0YArOszmsiPvz5f6b5b1OUuJMADXiqzWz45FkeOWo6b0dR92PKEne8xEYm4F5Hc+YkAaafGJZbD4ueBSXdAS nyZzKS4L oRwlqFW+7TPyN7F3FbpdAplnFoCTYKvVHg8tbVHwMy0GGCZQK7ysuXLkUiQI//eeAv3vrfiEmmv/hfLwtltS2PKWRrPuhck1yYAQLA3Gws6LNngLv50FgsKZ79iuAqBsHRKyPC+o6a1g0cn7656p41+VgrSloVWNwxeEAgxTXbzGtBzFa0frfHCIAuVSlicXQIWk7JNWqOnoJOHmvfjJsJpikXwzPXQCtTxzZHFFN4atpOckXOfdnyT5Oz7kJSgLh2Qaa+SOycwOxgf7iU89W4ocQp5KBQ4/0avY7pDq3lPa3jvQsBz5VLvmqcOy1hxAebMbsu0Q6Nu+Op/T7ot2cUadhOg== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000025, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Mon, Feb 24, 2025 at 11:32=E2=80=AFAM Liam R. Howlett wrote: > > * Jeff Xu [250224 14:23]: > > On Mon, Feb 24, 2025 at 11:11=E2=80=AFAM Liam R. Howlett > > wrote: > > > > > > * Kees Cook [250224 13:55]: > > > > On Mon, Feb 24, 2025 at 10:52:13AM -0800, Dave Hansen wrote: > > > > > On 2/24/25 10:44, Jeff Xu wrote: > > > > > > For example: > > > > > > Consider the case below in src/third_party/kernel/v6.6/fs/proc/= task_mmu.c, > > > > > > > > > > > > #ifdef CONFIG_64BIT > > > > > > [ilog2(VM_SEALED)] =3D "sl", > > > > > > #endif > > > > > > > > > > > > Redefining VM_SEALED to VM_NONE for 32 bit won't detect the pr= oblem > > > > > > in case that "#ifdef CONFIG_64BIT" line is missing. > > > > > > > > > > > > Please note, this has been like this since the first version of > > > > > > mseal() RFC patch, and I prefer to keep it this way. > > > > > > > > > > That logic is reasonable. But it's different from the _vast_ majo= rity of > > > > > other flags. > > > > > > > > > > So what justifies VM_SEALED being so different? It's leading to p= retty > > > > > objectively ugly code in this series. > > > > > > > > Note that VM_SEALED is the "is this VMA sealed?" bit itself. The de= fine > > > > for "should we perform system mapping sealing?" is intentionally se= parate > > > > here, so that it can be Kconfig and per-arch toggled, etc. > > > > > > > > > > Considering Dave is the second person that did not find the huge comm= it > > > message helpful, can we please limit the commit message to be about t= he > > > actual code and not the entire series? > > > > > > I thought we said that it was worth while making this change in v5? > > > > > I include the cover letter's content in the first commit message to > > clearly communicate the purpose of the entire patch series, saving > > maintainers' time when accepting the patch. > > Having more text than patch for such a patch seems unreasonable. I'd > find it more acceptable if it were a complicated race condition, but > everyone is getting lost in the summary. > I will remove the cover letter from the first patch then. > > > > Should I still include that, and add what the first patch does, and > > separate it from the cover letter with "----"? What do you think? > > Here is my v5 answer, I think it was clear about not putting the entire > summary into the first patch. > Thanks. > [1]. https://lore.kernel.org/all/ml3x5qchmnehdzz2rxsdcdghivaqffojiweuhvpv= zw45u3l5bh@23sblrom3m36/ > > Thanks, > Liam