From: Jeff Xu
Date: Mon, 24 Feb 2025 10:59:17 -0800
Subject: Re: [PATCH v6 1/7] mseal, system mappings: kernel config and header change
To: Kees Cook

On Mon, Feb 24, 2025 at 10:55 AM Kees Cook wrote:
>
> On Mon, Feb 24, 2025 at 10:52:13AM -0800, Dave Hansen wrote:
> > On 2/24/25 10:44, Jeff Xu wrote:
> > > For example:
> > > Consider the case below in src/third_party/kernel/v6.6/fs/proc/task_mmu.c,
> > >
> > > #ifdef CONFIG_64BIT
> > > [ilog2(VM_SEALED)] = "sl",
> > > #endif
> > >
> > > Redefining VM_SEALED to VM_NONE for 32 bit won't detect the problem
> > > in case that "#ifdef CONFIG_64BIT" line is missing.
> > >
> > > Please note, this has been like this since the first version of
> > > mseal() RFC patch, and I prefer to keep it this way.
> >
> > That logic is reasonable. But it's different from the _vast_ majority of
> > other flags.
> >
> > So what justifies VM_SEALED being so different? It's leading to pretty
> > objectively ugly code in this series.
>
> Note that VM_SEALED is the "is this VMA sealed?" bit itself. The define
> for "should we perform system mapping sealing?" is intentionally separate
> here, so that it can be Kconfig and per-arch toggled, etc.
>
Ya, it is a layer of separation also. Thanks for pointing it out.

> As for the name, I have no strong opinion. Perhaps VM_SEALED_SYSTEM_MAPPING ?
>
OK.

Thanks
-Jeff

> -Kees
>
> --
> Kees Cook
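
Added illustration, not code from this thread or from the kernel: a small C model of the point made in the quoted message, that aliasing the flag to zero lets an unguarded table entry build cleanly and silently land on another flag's slot. The flag values, `NBITS`, and `demo_ilog2` (which maps values below 2 to index 0) are assumptions made for the demo.

```c
#include <string.h>

#define NBITS 32                 /* pretend 32-bit build (assumption) */
#define DEMO_VM_READ   0x1UL     /* constructed flag values for the demo */
#define DEMO_VM_WRITE  0x2UL
#define DEMO_VM_NONE   0x0UL

/* Stand-in log2: values below 2 map to index 0 (assumption, see lead-in). */
static unsigned demo_ilog2(unsigned long v)
{
    unsigned i = 0;
    while (v >= 2) { v >>= 1; i++; }
    return i;
}

/* Fill a mnemonic table the way a flag-indexed array is initialised:
 * every slot starts as "??", then each flag claims slot ilog2(flag).
 * 'sealed' is the value the sealed flag has in this build. */
static void build_mnemonics(const char *tbl[NBITS], unsigned long sealed)
{
    for (unsigned i = 0; i < NBITS; i++)
        tbl[i] = "??";
    tbl[demo_ilog2(DEMO_VM_READ)]  = "rd";
    tbl[demo_ilog2(DEMO_VM_WRITE)] = "wr";
    /* Entry whose "#ifdef CONFIG_64BIT" guard was forgotten. */
    tbl[demo_ilog2(sealed)] = "sl";
}

/* Returns 1 when the readable-flag slot still says "rd". */
static int read_slot_intact(unsigned long sealed)
{
    const char *tbl[NBITS];
    build_mnemonics(tbl, sealed);
    return strcmp(tbl[demo_ilog2(DEMO_VM_READ)], "rd") == 0;
}

int main(void)
{
    /* Flag aliased to 0: builds fine, but "sl" lands on bit 0 and replaces "rd". */
    int aliased_ok = read_slot_intact(DEMO_VM_NONE);
    /* Flag with a real bit (constructed position 5): no collision. */
    int real_bit_ok = read_slot_intact(1UL << 5);
    return (aliased_ok == 0 && real_bit_ok == 1) ? 0 : 1;
}
```

When the flag is instead left undefined on the 32-bit build, the unguarded line references an undeclared name and the compiler rejects it, which is the detection the quoted message wants to keep.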