From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 34B71C021A4 for ; Mon, 24 Feb 2025 19:23:01 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id A6D4F28000A; Mon, 24 Feb 2025 14:23:00 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id A1C98280002; Mon, 24 Feb 2025 14:23:00 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 8BDB128000A; Mon, 24 Feb 2025 14:23:00 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 6CD80280002 for ; Mon, 24 Feb 2025 14:23:00 -0500 (EST) Received: from smtpin14.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id 21A11A432C for ; Mon, 24 Feb 2025 19:23:00 +0000 (UTC) X-FDA: 83155810920.14.FA8BFB9 Received: from mail-ot1-f47.google.com (mail-ot1-f47.google.com [209.85.210.47]) by imf30.hostedemail.com (Postfix) with ESMTP id 471D68000C for ; Mon, 24 Feb 2025 19:22:58 +0000 (UTC) Authentication-Results: imf30.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=lfzMFDss; spf=pass (imf30.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.210.47 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1740424978; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=dXK4pusQDOpb1msPI4OVIWLwIn76adglBrjHmVv7AwI=; b=7l6s64Jg2TpgCoUKL+nf+jlrHRm3KIY2bQ2Z0g6hwOS3URw6oYBA3kKzUHByjApBBtd8Wz 7BlT/+WVRJ9EK/+DjdO2+FzjI+72xqE57nONK6lug7mXJYGEnXe3NSNg5MlpruVRKQlaHs 89ifZJs4AlKUWFKnxtXcEEiX/CsgO54= ARC-Authentication-Results: i=1; imf30.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=lfzMFDss; spf=pass (imf30.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.210.47 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1740424978; a=rsa-sha256; cv=none; b=WfeqGW3+qzEsS0yLysFgEjoyCw4fLbtUfS2EzguFg7Mjg5k5ddLFJVUYKj0iBlJ5dSMbmA xo+9wR5xkrCbnSSrLlzeezOkZX3nDksE2KRy5BJ5r7PSVOX0Kd0mnM6TqRHHHuuk1NjQaq H03FPfZikiivXrxYjh7QYxt7qAJp65k= Received: by mail-ot1-f47.google.com with SMTP id 46e09a7af769-727382a866fso438549a34.2 for ; Mon, 24 Feb 2025 11:22:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1740424977; x=1741029777; darn=kvack.org; h=content-transfer-encoding:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=dXK4pusQDOpb1msPI4OVIWLwIn76adglBrjHmVv7AwI=; b=lfzMFDss+zFHP68LJ810Gqn0PWvq95sw/f9yeUMDaIFW3BHepvneI+0WJeAtrXtp3A 1cduOEyYLFEZaWLlZRnERszaQRw935l4/A8BanypR/hLNFbd/ZgQN7r4aQKr32je83lL tnFHBvWCGd01fWdt7lMj2YkDfX4HhvFYVPnUk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740424977; x=1741029777; h=content-transfer-encoding:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=dXK4pusQDOpb1msPI4OVIWLwIn76adglBrjHmVv7AwI=; b=CZKHYhmFgs6/ECuC8UKsDo8278H0Q9utRmc3WCFe6ak6Fxe0W2479A8/Lxufy1T4XH qAFsKgzRnH+dp8jeILQyeqnSRbLT2X6Zh+QNKutrZGpWqwH/RqM+klNpet4itd7PufJJ I9PrXPY4YpcvT17OIaxpNst4e6a01D73UB0unqyKMhF1BlGtIYPdiOaJOOOG6itgafdb 0mBoXatP9G812t97j5AZ8zDEBfNdTX7/Q0mwTSAtl7JvuszruwS/WEYNBV26d02slkjc bYiT3Gb2vMfNWM3HVHaM39iZTG4B/OJNvgUOrKqrMyk9MoViA7A7paSkCiiWPizU15sk NNqQ== X-Forwarded-Encrypted: i=1; AJvYcCWTsNHedhkpeYswRn8EKnCPJM6o5beVPS2fZ60h0uYMTy6YKASASa5Sdmu5xOFKxzkhlCdCKv20cg==@kvack.org X-Gm-Message-State: AOJu0YyfNF1+NYjMXqDbAxhcX64ZsRfaagx4ud8VoBn9R+xqnuvBpqC0 DAx6gEKHJlkuYQUPDef1moEo+M7Xr0/brd/2ejJXYYkkSIbFPS3epSyv9Zxedd45lk2ZNE0V8rb EeQgkTiLFr2+seErceQSlO+6rzmxAQz0XrjBo X-Gm-Gg: ASbGncus7PDHRVIQ8yLu/hOBFYWe/5/LFeSuhitOtLBoXV5Y2RSZkUvcEHzcFG9NKgQ 0g/St3imKkjLICYFsomIDG7A96lGgh3tyHvBb3nENaR6zjjfeb8JwEkVzs4xB3eG0YOuqoswBL3 FnN59x7q2IoetUynXkaSkJygywFn0H8RJU7h6T X-Google-Smtp-Source: AGHT+IHipYHEOTCDEd2oudfYkZmByZ8wUE3mOt21qoQhPydciadDU5SB9PbFol9qbsi30OsFwazNrvcjzZv520w6yrk= X-Received: by 2002:a05:6808:228a:b0:3f4:210e:c0f2 with SMTP id 5614622812f47-3f42455c800mr4106821b6e.0.1740424977301; Mon, 24 Feb 2025 11:22:57 -0800 (PST) MIME-Version: 1.0 References: <20250224174513.3600914-1-jeffxu@google.com> <20250224174513.3600914-2-jeffxu@google.com> <443992d7-f694-4e46-b120-545350a5d598@intel.com> <385e1498-2444-4a7a-a1b0-0013b0b8fd68@intel.com> <202502241053.1FF33D5B0@keescook> In-Reply-To: From: Jeff Xu Date: Mon, 24 Feb 2025 11:22:46 -0800 X-Gm-Features: AWEUYZnmw26icYzliC0vlQAFEP5swDpKIia7nNj2plZNiKvZKlNhikDMcD2JAw0 Message-ID: Subject: Re: [PATCH v6 1/7] mseal, system mappings: kernel config and header change To: "Liam R. Howlett" , Kees Cook , Dave Hansen , Jeff Xu , akpm@linux-foundation.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspam-User: X-Rspamd-Server: rspam11 X-Rspamd-Queue-Id: 471D68000C X-Stat-Signature: q5wm1ens1xafc3xi8a5bipc6omtdsgnf X-HE-Tag: 1740424978-126085 X-HE-Meta: U2FsdGVkX1/Xas/U2TahYSmukVp7HxXzck/kxrucugc88gHz8OPZt5Lz1/djIXdtrGcgxVX7q5CwthOt5gxRhTEYJQQ2hXV5Lbp3bjeQJQKyi5MmrkeLhG346/N74CPvzkGo5/S9oQA50QjGpPsQ+/+7+wqIQ6rMLLS1dxEZLs9EeZrXxqxO9aAAxBsAbRPaSbY60X0NyiWjb0+xJ58zxwUwsjWooKNusw5ZFjIE+4Kt3adW4HpS+eeAFlauFcZKHUf3TweNWJJfcmOq+cc444BA1iFR30woWXat5g7z6rI2Kclti9pvdx4JPfIUDmgOADMK891xbWnXUkaSAU/8yVwc47EeiDrqV5ZTwat3MwinHvIYIl7xUg4SrIXZHNpUU6wQsKi28Hbm+/9ynZ69D+2T1Rpg1ozknLgS5qxX3il3aEp2WxoZL5sMgPTLpM+HgLCnJxUObow54ptun3uZhnVXHhTUF+laUVOM3OdugFBmcY59oz2+74EeQMGCQeVsFUHp+ttwrUZ9NOq8FLnMZrUN6i3/dmFrSdiuTmu/x0TaPvj8pqTDjIevk+1l0ENl3cbo+DvOom+6HCttu8vBbgLxZMU4YJBpGcSUFPDADHP5jWvKlxcOmCCGdrAgA6nsxDoirODhFAqj0HgetR3NNvWEPAUnTAj++LOjGOJOU/OPlqFuw8Gt3R4w6/K96bEsjdTaIuYnxog4h7cBkQY0OUO3JO1skLvRt2E3jEOgqlHSmni/P8lpez/0g0EraqzJq423GqTSvoc3DOHsgnZ1t3UbgwMb+Ahn8TvW04CwoBpYdORDJ2cmKTEJrMHnksTejRl/4mwMKzlnisImtNMVwHrnfTV1rq4KBK4FIxdjZwWmigV3nBJ71o2xemW6m2AintMxXrDgkjdrUJe5Vhgbc+vPCrFXL5Bv9qQO96+adxxwRf+A01sIxdH4OXZ26wdyLFC0hloi7LzGgaYHF+G UZRRmXeQ KZK13sbZ6YySaW9U7g1bgkhdtNXwKLmAGSxKVDJ1m+8aA/529qdSR0GPfD60mJHRRb6vMJnIDBhksKsyUGG6Tje39I1XDYrBUiVkYd462svnQ0vKAskmwDeHJk3HnVfCaUbHAC1ekly9f7YLF6u8MbpuFlRJSq5wpls84FrSjKa4eg6HbcjnZvEmo2hJL42/obrEaYRZphp48enWHayiQdaHXS4vRDiu3vmPZWGa3Q2q+bGsmrns7DkEygDkJOwxdTaW+ZphD7Zo12UKPbtUQIyyBUxSlxwgkpY1PSZfnXXFIl+XlxoxHwA/M9BanwarsCup9 X-Bogosity: Ham, tests=bogofilter, spamicity=0.001878, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Mon, Feb 24, 2025 at 11:11=E2=80=AFAM Liam R. Howlett wrote: > > * Kees Cook [250224 13:55]: > > On Mon, Feb 24, 2025 at 10:52:13AM -0800, Dave Hansen wrote: > > > On 2/24/25 10:44, Jeff Xu wrote: > > > > For example: > > > > Consider the case below in src/third_party/kernel/v6.6/fs/proc/task= _mmu.c, > > > > > > > > #ifdef CONFIG_64BIT > > > > [ilog2(VM_SEALED)] =3D "sl", > > > > #endif > > > > > > > > Redefining VM_SEALED to VM_NONE for 32 bit won't detect the proble= m > > > > in case that "#ifdef CONFIG_64BIT" line is missing. > > > > > > > > Please note, this has been like this since the first version of > > > > mseal() RFC patch, and I prefer to keep it this way. > > > > > > That logic is reasonable. But it's different from the _vast_ majority= of > > > other flags. > > > > > > So what justifies VM_SEALED being so different? It's leading to prett= y > > > objectively ugly code in this series. > > > > Note that VM_SEALED is the "is this VMA sealed?" bit itself. The define > > for "should we perform system mapping sealing?" is intentionally separa= te > > here, so that it can be Kconfig and per-arch toggled, etc. > > > > Considering Dave is the second person that did not find the huge commit > message helpful, can we please limit the commit message to be about the > actual code and not the entire series? > > I thought we said that it was worth while making this change in v5? > I include the cover letter's content in the first commit message to clearly communicate the purpose of the entire patch series, saving maintainers' time when accepting the patch. Should I still include that, and add what the first patch does, and separate it from the cover letter with "----"? What do you think? -Jeff > Thanks, > Liam