From: Jeff Xu
Date: Mon, 7 Oct 2024 21:18:56 -0700
Subject: Re: [RFC PATCH v1 1/1] exec: seal system mappings
To: Randy Dunlap
Cc: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, adhemerval.zanella@linaro.org, oleg@redhat.com, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, ojeda@kernel.org, adobriyan@gmail.com, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, mike.kravetz@oracle.com, Jason@zx2c4.com, deller@gmx.de, davem@davemloft.net, hch@lst.de, peterx@redhat.com, hca@linux.ibm.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, nathan_lynch@mentor.com, dsafonov@virtuozzo.com, Liam.Howlett@oracle.com, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, lorenzo.stoakes@oracle.com
On Mon, Oct 7, 2024 at 4:42 PM Randy Dunlap wrote:
>
> Hi Jeff,
>
> On 10/4/24 9:31 AM, jeffxu@chromium.org wrote:
> > From: Jeff Xu
> >
> > Seal vdso, vvar, sigpage, uprobes and vsyscall.
> >
> >
> >
> > Signed-off-by: Jeff Xu
> > ---
> >  .../admin-guide/kernel-parameters.txt |  9 ++++
> >  arch/x86/entry/vsyscall/vsyscall_64.c |  9 +++-
> >  fs/exec.c                             | 53 +++++++++++++++++++
> >  include/linux/fs.h                    |  1 +
> >  mm/mmap.c                             |  1 +
> >  security/Kconfig                      | 26 +++++++++
> >  6 files changed, 97 insertions(+), 2 deletions(-)
> >
> >
> > diff --git a/security/Kconfig b/security/Kconfig
> > index 28e685f53bd1..e289fbb5d676 100644
> > --- a/security/Kconfig
> > +++ b/security/Kconfig
> > @@ -51,6 +51,32 @@ config PROC_MEM_NO_FORCE
> >
> >  endchoice
> >
> > +choice
> > +	prompt "Seal system mappings"
> > +	default SEAL_SYSTEM_MAPPINGS_NEVER
> > +	help
> > +	  Seal system mappings such as vdso, vvar, sigpage, uprobes and
> > +	  vsyscall.
> > +	  Note: kernel command line exec.seal_system_mappings overwrite this.
>
>                                                                overwrites

fixed. Thanks

> > +
> > +config SEAL_SYSTEM_MAPPINGS_NEVER
> > +	bool "Traditional behavior - not sealed"
> > +	help
> > +	  Do not seal system mappings.
> > +	  This is default.
> > +
> > +config SEAL_SYSTEM_MAPPINGS_ALWAYS
> > +	bool "Always seal system mappings"
> > +	depends on 64BIT
> > +	depends on !CHECKPOINT_RESTORE
> > +	help
> > +	  Seal system mappings such as vdso, vvar, sigpage, uprobes and
> > +	  vsyscall.
> > +	  Note: CHECKPOINT_RESTORE might relocate vdso mapping during restore,
> > +	  and remap will fail if the mapping is sealed, therefore
> > +	  !CHECKPOINT_RESTORE is added as dependency.
> > +endchoice
> > +
> >  config SECURITY
> >  	bool "Enable different security models"
> >  	depends on SYSFS
> > --
> ~Randy
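Review bot: the `depends on !CHECKPOINT_RESTORE` guard is placed only on SEAL_SYSTEM_MAPPINGS_ALWAYS, but the help text of the enclosing choice states that the kernel command line `exec.seal_system_mappings` overrides the Kconfig selection, so a CHECKPOINT_RESTORE=y kernel booted with that parameter still ends up with sealed system mappings and hits exactly the failed-remap-during-restore case the ALWAYS help text warns about. Either enforce the same constraint where the command line value is parsed (refuse or warn when CHECKPOINT_RESTORE is built in), or document in the parameter's help and in this help text that the command line value is not subject to the dependency. Minor: `This is default.` reads better as `This is the default.`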