From: Jeff Xu
Date: Tue, 25 Feb 2025 16:04:01 -0800
Subject: Re: [PATCH v7 1/7] mseal, system mappings: kernel config and header change
To: "Liam R. Howlett", jeffxu@chromium.org, akpm@linux-foundation.org,
 keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org,
 vbabka@suse.cz, lorenzo.stoakes@oracle.com, adhemerval.zanella@linaro.org,
 oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net,
 linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org,
 linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de,
 ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com,
 johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com,
 willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com,
 linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de,
 rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com,
 f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com,
 mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com,
 peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com,
 groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com,
 mike.rapoport@gmail.com

On Tue, Feb 25, 2025 at 7:23 AM Liam R. Howlett wrote:
>
> * jeffxu@chromium.org [250224 17:52]:
> > From: Jeff Xu
> >
> > Provide infrastructure to mseal system mappings. Establish
> > two kernel configs (CONFIG_MSEAL_SYSTEM_MAPPINGS,
> > ARCH_HAS_MSEAL_SYSTEM_MAPPINGS) and VM_SEALED_SYSMAP
> > macro for future patches.
> >
> > Signed-off-by: Jeff Xu
> > ---
> > include/linux/mm.h | 10 ++++++++++
> > init/Kconfig | 18 ++++++++++++++++++
> > security/Kconfig | 18 ++++++++++++++++++
> > 3 files changed, 46 insertions(+)
> >
> > diff --git a/include/linux/mm.h b/include/linux/mm.h > > index 7b1068ddcbb7..8b800941678d 100644 > > --- a/include/linux/mm.h > > +++ b/include/linux/mm.h > > @@ -4155,4 +4155,14 @@ int arch_get_shadow_stack_status(struct task_str= uct *t, unsigned long __user *st > > int arch_set_shadow_stack_status(struct task_struct *t, unsigned long = status); > > int arch_lock_shadow_stack_status(struct task_struct *t, unsigned long= status); > > > > + > > +/* > > + * mseal of userspace process's system mappings. > > + */ > > +#ifdef CONFIG_MSEAL_SYSTEM_MAPPINGS > > +#define VM_SEALED_SYSMAP VM_SEALED > > +#else > > +#define VM_SEALED_SYSMAP VM_NONE > > +#endif > > + > > #endif /* _LINUX_MM_H */ > > diff --git a/init/Kconfig b/init/Kconfig > > index d0d021b3fa3b..07435e33f965 100644 > > --- a/init/Kconfig > > +++ b/init/Kconfig > > @@ -1882,6 +1882,24 @@ config ARCH_HAS_MEMBARRIER_CALLBACKS > > config ARCH_HAS_MEMBARRIER_SYNC_CORE > > bool > > > > +config ARCH_HAS_MSEAL_SYSTEM_MAPPINGS
>
> I think we said ARCH_SUPPORTS_ for software features in v5 of the series
> [1]. Can we also make this change please?
>
Sure.

> ...
>
> Thanks,
> Liam
>
> [1]. https://lore.kernel.org/all/202502131142.F5EE115C3A@keescook/
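
Review bot: In the include/linux/mm.h hunk, the comment above VM_SEALED_SYSMAP ("mseal of userspace process's system mappings.") does not say what the macro is for or that it evaluates to VM_NONE when CONFIG_MSEAL_SYSTEM_MAPPINGS is not set. The commit message says the macro is there for future patches, so the comment should state the intended use, for example that it is meant to be added to the vm_flags of a system mapping unconditionally and only seals when the config is enabled, if that is the intent. The hunk also adds two consecutive blank lines ahead of the comment; one is enough.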
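
Review bot: In the init/Kconfig hunk, the rename to ARCH_SUPPORTS_ agreed in this reply needs to be carried through everywhere the old name appears, not only on the "config ARCH_HAS_MSEAL_SYSTEM_MAPPINGS" line: the commit message still names ARCH_HAS_MSEAL_SYSTEM_MAPPINGS. The diffstat also shows 18 added lines in security/Kconfig, which is not quoted here, so check whether that file refers to the symbol and update it in the same revision.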