From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id A2DC4C46CD2 for ; Thu, 25 Jan 2024 02:04:43 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 1259D6B0072; Wed, 24 Jan 2024 21:04:43 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 0B09D6B0074; Wed, 24 Jan 2024 21:04:43 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id E6B726B0078; Wed, 24 Jan 2024 21:04:42 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id D0A016B0072 for ; Wed, 24 Jan 2024 21:04:42 -0500 (EST) Received: from smtpin09.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 74AD91C161D for ; Thu, 25 Jan 2024 02:04:42 +0000 (UTC) X-FDA: 81716189604.09.6AC6B89 Received: from mail-ot1-f46.google.com (mail-ot1-f46.google.com [209.85.210.46]) by imf06.hostedemail.com (Postfix) with ESMTP id C3AC7180017 for ; Thu, 25 Jan 2024 02:04:39 +0000 (UTC) Authentication-Results: imf06.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=gtWSpz2V; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf06.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.210.46 as permitted sender) smtp.mailfrom=jeffxu@chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1706148279; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=UXSbpxldRQwJaZgTsF93EIsC+O+YAl5Fx9J2K59JChI=; b=2djdsZ9z3FREEGGNDgBLLxlaEnBpw6nBFG+Dig3Fba+w/Q3UciXRMpXuNI4w46NekXLDt7 /D2ou/6zLY8XoD6L64kw/p2/WNKuumcKbKqTCwEsZeyl0pmV+roUZOmfM9JIg7Q/uVS7p3 WfwTh45FrO5Y08K6xAI0R+SpwMmFGvQ= ARC-Authentication-Results: i=1; imf06.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=gtWSpz2V; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf06.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.210.46 as permitted sender) smtp.mailfrom=jeffxu@chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1706148279; a=rsa-sha256; cv=none; b=Ynw+57BuXtGWC6NF7U4u8lK4fwH1Hm6Fi4cUoEczr1bi7g0P1IGdCyfV2fj29gu8VURGot pet3dN/otd1dxfP8RowMBXu2Yjs3MSsnxutsy3ym2ST9/MAuSyDp1MObSIxoUuk1PQjScq aiz1c9bGx8IaaNq06WB3kOTiDqOZMhY= Received: by mail-ot1-f46.google.com with SMTP id 46e09a7af769-6e0eb1cf1f5so2092473a34.3 for ; Wed, 24 Jan 2024 18:04:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1706148279; x=1706753079; darn=kvack.org; h=content-transfer-encoding:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=UXSbpxldRQwJaZgTsF93EIsC+O+YAl5Fx9J2K59JChI=; b=gtWSpz2VVD83O1gCo815/zYkUq+Qtz+aeJZLZ0yeM2RY5fK0J4eDR95c574SBQ6ze4 1dyc/ffG/Qgd1X9dYDwGFl2jXTkVFHW79gVreuNzPnPplr/gA671c5X1XHRurxkqo1Kj hP419H0jcrowPb/u8AxxvdULtO1aMMLt/R8+I= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706148279; x=1706753079; h=content-transfer-encoding:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=UXSbpxldRQwJaZgTsF93EIsC+O+YAl5Fx9J2K59JChI=; b=B9PDvy6XuIB6iUr7RSGFAwv3TB3Ck/QzJGHN7cR4RtQUni/X0cypZ4tgML/1EL4DPk 5gTqUV3HM0F4i0UsZbeHfoAEBhGeO8x5vM5bUF0BgtaqPY99eNULwcUIDFT/QjHAkDHe tbao+KgIul/fHBkUYg5hc/9fwSDiCgNIq30kIjKiox4qVNkhAxV+nWmxqrFJpWHKUD2r x3NLDd0GVzYp1yD0+j3Z6rcMpA1U4bZGRWtIdLRWkiZKKcXUGM/yQWhm2et3iPIHTxv3 oiXt4MrAdQkibA8hzqVhduVo+cLPim4BGgh+JN35x305l9v4kYho8U7FGkX6nA33A5j8 rA8g== X-Gm-Message-State: AOJu0YwoE55KdFPVJkHqMvR9hXG1tUeV6UVAbEYY4uemQj/eHFWKgjzH bWySRPJDn9oeiHN1r8UngSChmX5FHKDiNCsSDVm1uYN2Yf9oOMjwbZEySvOlg47tvGS1r+4i5Jo aBaAFLniXk9SiD7QwNf//jFE1jiyJTosd3OSv X-Google-Smtp-Source: AGHT+IHlTe+z1MODYDADlbQ3RXk9t245ULpG2fW9+wJpOLVUAgr4K32ziK9o41eRX3/hO23gIpgTK9SNAOqnz8yLzS4= X-Received: by 2002:a05:6871:551:b0:210:b3fe:67a2 with SMTP id t17-20020a056871055100b00210b3fe67a2mr140629oal.66.1706148277276; Wed, 24 Jan 2024 18:04:37 -0800 (PST) MIME-Version: 1.0 References: <20240122152905.2220849-1-jeffxu@chromium.org> <20240122152905.2220849-3-jeffxu@chromium.org> <20240123181457.idckaydk7dt7q2qy@revolver> <20240124200628.ti327diy7arb7byb@revolver> In-Reply-To: From: Jeff Xu Date: Wed, 24 Jan 2024 18:04:24 -0800 Message-ID: Subject: Re: [PATCH v7 2/4] mseal: add mseal syscall To: "Liam R. Howlett" , Jeff Xu , akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, sroettger@google.com, willy@infradead.org, gregkh@linuxfoundation.org, torvalds@linux-foundation.org, usama.anjum@collabora.com, rdunlap@infradead.org, jeffxu@google.com, jorgelo@chromium.org, groeck@chromium.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-mm@kvack.org, pedro.falcato@gmail.com, dave.hansen@intel.com, linux-hardening@vger.kernel.org, deraadt@openbsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspamd-Server: rspam09 X-Rspamd-Queue-Id: C3AC7180017 X-Stat-Signature: tyw3tppxgjbu5irdzm79o855iaoo8jm1 X-Rspam-User: X-HE-Tag: 1706148279-811071 X-HE-Meta: U2FsdGVkX1/H/drcQwNlYz4ttjxMmSEKV5KZV0AfthGbdPaL/g1CsiytkxsEATpBW6vUR1Dr9haE2gc8FNwMWdk2+efz83MrF2Xo3k+dMITu7DHzf80bBYId/xnqsAz9YEEe9N3qvJ1kir8bVKngDcFS3jXpls6HxKfj0xPtKECP8L6/aBM0t8hS2OfW8xioOwY2KpXbI4C4q7bRDckvyPVnlkskl3g2MtWqi2vZiYPpmLXQlWCIX1dnts6E/MyC5xCHpaA2qtTXY9bVVJX7p5dslsfm+1DtifXWgxY1NOBQyvFdlgOpS70pwgkNm38qEi4qbK7PHmiHiyrK4CXjzEQFjpN5vuFgWPzezRcI5Tdbf67kpTJcJlQ2ZwjbFSaCmcYYtneJgotCVVjTrBIAXei2j8nyDSgckOkSmUtb1YTWwnWvcINtxXHvZ7NkDT/XA+LipATCiLT/4qZUSXSmv3YV5D/Hlo1VSRFVodg48xtihrZ7ye/Jj061r8HTN/fJJgY784GwPeVuSvciwS4mA6O7hnd1BqZQyDGry8kv/dzhZlKIkqiN2aFil8p0bdlQqL9P0vpjJAcNeGKwpquaRt0aaznhMwF77g3D0XKbKth/vSiDwn796zoOdOAbfSJUyC1MbfoRysnjjIl8ODdH8TdB1aU7wE6mo4h6GHqBq3nuGa9rAyHrF5n+WHFmkFzv9vnacKfDLnqnDPJ8gmT6fYosqBAUzASFJ+c0OqFrI81FFOdV3KnQsiSGfNANepxuDiYSPDRUGLSfD6CpH/GgVqQJUYD4eKk+yRB1fjCTtg0JzDaVk5sBpr5cqaqBXcpnlecMr0GYKtQ1j5UlzixfiLoYsDpjh3m2f9nF8wIVsDbzaqm4Qp3b6zf7r9nBzRaY8jCaj/LpyTsicx1dEocEcwbgUF3OpzcOMokn+gCkDgP70LPsxUsjZi8X73V234kRGj/PqDFykaQLlPlYi8K vkE+Bks0 vTjE+mkbMJfl+gGlLkd027w0dHJIl9dq8s8V9YdMJMJ6TMLEjAZ/0NzTgKVX1m0HOryGO9c5QprszWgV7akt64mWaAezPhWw9+ca90i65BuAJjTf7sEt2ZaPWnf3Bq7g3bGUXQa5kWe9V2unp8HZVYKc2Kx8tu3EhrHZYzPc2J50/OpsjqK4S2hDVrjwVXb9IhuUkVKStu8bhyflE7zvW3NvZc09xuqyC6MvfrLsXj/Rh9wJiGuwt/ONBjx9ZKUTwRoaQpd87jc7XKNlXCrqYGhtqcOkIRpdD+45AFNgHHCBjx9imUb3vONxcZ0T/yLPF4Pf9wyaMYLzkIo9ENJt3SBK9S4Qbg6Zb3sDbCDAcoDz+DYubbSrld5nXWgnrSVmpHHQv X-Bogosity: Ham, tests=bogofilter, spamicity=0.000014, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Wed, Jan 24, 2024 at 2:49=E2=80=AFPM Jeff Xu wrote= : > > On Wed, Jan 24, 2024 at 12:06=E2=80=AFPM Liam R. Howlett > wrote: > > > > > Considering this is the MAP_FIXED case, and maybe that is not used > > > that often in practice, I think this is acceptable performance-wise, > > > unless you know another solution to help this. > > > > Okay, sure, I haven't been yelled at on the ML for a few weeks. Here > > goes: > > > > do_mmap() will call get_unmapped_area(), which will return an empty are= a > > (no need to check mseal, I hope - or we have larger issues here) or a > > MAP_FIXED address. > > > > do_mmap() will pass the address along to mmap_region() > > > > mmap_region() will then call do_vmi_munmap() - which will either remove > > the VMA(s) in the way, or do nothing... or error. > > > > mmap_region() will return -ENOMEM in the case of an error returned from > > do_vmi_munmap() today. Change that to return the error code, and let > > do_vmi_munmap() do the mseal check. If mseal check fails then the erro= r > > is propagated the same way -ENOMEM is propagated today. > > > > This relies on the fact that we only really need to check the mseal > > status of existing VMAs and we can only really map over existing VMAs b= y > > first munmapping them. > > > > It does move your error return to much later in the call stack, but it > > removes duplicate work and less code. Considering this should be a rar= e > > event, I don't think that's of concern. > > > I think that is a great idea, I will try to implement it and get back > to you on this. > I confirm this works. I will add that in the next version. Thanks for the suggestion. -Jeff