From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 97A66C021B2 for ; Wed, 26 Feb 2025 00:01:12 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 81EE0280002; Tue, 25 Feb 2025 19:01:11 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 7CE7F280001; Tue, 25 Feb 2025 19:01:11 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 695F5280002; Tue, 25 Feb 2025 19:01:11 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 4B2D6280001 for ; Tue, 25 Feb 2025 19:01:11 -0500 (EST) Received: from smtpin16.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id BBC781A0503 for ; Wed, 26 Feb 2025 00:01:10 +0000 (UTC) X-FDA: 83160140700.16.CCAE2D4 Received: from mail-oa1-f44.google.com (mail-oa1-f44.google.com [209.85.160.44]) by imf29.hostedemail.com (Postfix) with ESMTP id 705FD120015 for ; Wed, 26 Feb 2025 00:01:08 +0000 (UTC) Authentication-Results: imf29.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=DM44pCg5; spf=pass (imf29.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.160.44 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1740528068; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=RTanE6XR/JH9Zoq0uVHYD+TayIsyzXrlsJ6Fo1TDNp8=; b=n0cl548WAX7SQx9xmQ1OVYly/WsUblXodpB7B/qdB1aVu9JVpZLmTaNSHBTQBg7Z1Hm+tW JGHPFf0NztsJimXmUwgZsaf+EZ+veGAZ6LqpAcPN3BGLZLX/YOxCamoBpNIvjKq1yxta5f wDgmy8LWSwk/BUjXn1jqSpRf5P7MKu0= ARC-Authentication-Results: i=1; imf29.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=DM44pCg5; spf=pass (imf29.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.160.44 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1740528068; a=rsa-sha256; cv=none; b=Nv6JZ/Buyok4gU2o4CSb30XhQ8oloLVpfb84WvswgWEUGZjJRrYlP+H/mmo8sY83IOS9sF b1V5TE+nWMTEoq7JJE4h1mv7cBMf/Cg2xq6h8EzdylXRStf6l/1Dyn3YbulM0pchufJlCA PBrwG15OPoFPJvoyCzL8r4wY5kKfgoE= Received: by mail-oa1-f44.google.com with SMTP id 586e51a60fabf-2bcdce44e56so416775fac.0 for ; Tue, 25 Feb 2025 16:01:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1740528067; x=1741132867; darn=kvack.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=RTanE6XR/JH9Zoq0uVHYD+TayIsyzXrlsJ6Fo1TDNp8=; b=DM44pCg5Kl3tfKY431tz5uDT/VYJ6MmPFSJJhhS++f6ClNmUcoEvj8E8LCeA3ZziRL 2v4iuVBdUxQX3mBqgBWUuh5YDRTG5TT87yI6b9EAnTvrNV4vt7uyKXpoIm7BKEEPXOpv aFNYmjpiP8j/jUozdy2Tid6E52v7BMNv4L+3Y= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740528067; x=1741132867; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=RTanE6XR/JH9Zoq0uVHYD+TayIsyzXrlsJ6Fo1TDNp8=; b=PxKisfVln4gvZobA2s2CU2Z1/znKB9JJhBrOdEzjJlV8vpDPe3B0d5ovRT0NoPY3d+ l7lXpWHxsAp9pPgoCXPcgmjzBxe4ntoQS8br0NdoML7wJ51Hu6D577BqUkgWeJ4nX2v4 cPPP0jr0+i+bRxU9DygnzENnUmGj/YoXTDHspSzAxLBp7WtWeaiDEQGbhMbTAfeUVzby d+sYR8/kMttSZLWgo0f29rB/71OgqjskWEN5hRtjm4xmnE6+PFgv6M2lkIaOxOMia9vZ 2RcLRVjqZYgGoiKXM7r/b4aACTS20WY6R2i0Na5c7r+W3mL9AJJ3gu1uqrTfmrkeXg5E blEA== X-Forwarded-Encrypted: i=1; AJvYcCXIXOj21ZRvpz4PKQRRD4nCb4+trCOKTnh7IR4K9w4ByjVzxr7zIwpsC6tXgvgc3+ltVqrcTDi+yA==@kvack.org X-Gm-Message-State: AOJu0Yx3L1GOzAuZoX75unF6LyM7NAEIo2oYgsxeX9BP8GHLPptskY8V Vg7foF15bF2tltGueSJGjDLxbnRN0xIm39GZ9Y+SpcveifT0TssyPc37SK1zJWGXUbWH+lTBKYc LZSMbQ4JzPrIadQqeTlQU8wLHhr/NUQ4LrXTB X-Gm-Gg: ASbGnctLSizRuxulYoYQRlswhac9XytgErRTI1F2sGZh0hpFuE9sxo67xpH8yyiYrj5 KZ6d0FGT+tYdzodlnSB1SzED3qfu06JEziM6GgJvCkEmFbZcWETcDM7zr39fsHbe9cfMAYr/hIr NYDeNDYoBV6W8LCiWJRawEE9mbTtuzDNtyGlc= X-Google-Smtp-Source: AGHT+IELe7Q/6O2YWMjS8MjKjcw3APoXgNJtjGq0cBBtTsKkJH0j3uRuC98gBF3d5jfK8A9Ni6bYgLWT/E0p/bexzIM= X-Received: by 2002:a05:6808:2109:b0:3f4:159d:a27e with SMTP id 5614622812f47-3f4247df7a0mr5817242b6e.8.1740528067182; Tue, 25 Feb 2025 16:01:07 -0800 (PST) MIME-Version: 1.0 References: <20250224225246.3712295-1-jeffxu@google.com> <20250224225246.3712295-6-jeffxu@google.com> <96ebddf3fe31353c89f6a4680eaeb2793c25cd09.camel@intel.com> <202502251035.239B85A93@keescook> In-Reply-To: <202502251035.239B85A93@keescook> From: Jeff Xu Date: Tue, 25 Feb 2025 16:00:55 -0800 X-Gm-Features: AQ5f1JqrFo-3TKx0ZH5FJxQSLMaaUHg4v6Oj3trpyca3fo9xG6lTeqBiqur_uik Message-ID: Subject: Re: [PATCH v7 5/7] mseal, system mappings: enable uml architecture To: Kees Cook Cc: Lorenzo Stoakes , "Berg, Benjamin" , "Jason@zx2c4.com" , "adobriyan@gmail.com" , "deller@gmx.de" , "gerg@kernel.org" , "anna-maria@linutronix.de" , "davem@davemloft.net" , "avagin@gmail.com" , "mhocko@suse.com" , "enh@google.com" , "thomas.weissschuh@linutronix.de" , "hch@lst.de" , "hca@linux.ibm.com" , "peterz@infradead.org" , "adhemerval.zanella@linaro.org" , "linux-kernel@vger.kernel.org" , "ojeda@kernel.org" , "jannh@google.com" , "f.fainelli@gmail.com" , "sroettger@google.com" , "ardb@google.com" , "jorgelo@chromium.org" , "rdunlap@infradead.org" , "mark.rutland@arm.com" , "Liam.Howlett@oracle.com" , "vbabka@suse.cz" , "mpe@ellerman.id.au" , "oleg@redhat.com" , "willy@infradead.org" , "peterx@redhat.com" , "mike.rapoport@gmail.com" , "mingo@kernel.org" , "rientjes@google.com" , "groeck@chromium.org" , "linus.walleij@linaro.org" , "pedro.falcato@gmail.com" , "ardb@kernel.org" , "42.hyeyoo@gmail.com" <42.hyeyoo@gmail.com>, "linux-mm@kvack.org" , "johannes@sipsolutions.net" , "linux-hardening@vger.kernel.org" , "torvalds@linux-foundation.org" , "akpm@linux-foundation.org" , "dave.hansen@linux.intel.com" , "aleksandr.mikhalitsyn@canonical.com" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspam-User: X-Rspamd-Queue-Id: 705FD120015 X-Stat-Signature: gp6yzpj6ekq8uahmwrrgpjepuyzok8yh X-Rspamd-Server: rspam03 X-HE-Tag: 1740528068-211078 X-HE-Meta: U2FsdGVkX1+eNZFdFRJWwHsJsGQTt81KDl4UU0WEAm2NDIVnMFuFjPPhdaMyJN7wiKs5KHhHKF6IlHRe6aC7Vo8cW3JkPhsNmmW2MepL0zfltjblm0kbtQXL9M3PC7OIPTmdPyMgWn3uvRElHxXcPotDZ3ZzWv4mYWSbodJ8/QgIQtnd7QtCQS0Rj4GIczhEV5pJKBGEA3751d6p9xu775OyNgh+AJ0gXwgCLmcybopq+lEsEa6hN9owGV4npPv3yJj8kuyyAMI1K8wmmNBWZ0cre3nxwMAggoHmXjNUYSjlRa32CvAr0sSxtPP0TQsACB5i3N991YJpdzyVKgRA3sKA3I9kz2f3xKRLh9g9BnylO+gfyqo869nFw44HNhyfpChwK+FcbiU/KYgRCfFsaIIYGCaIBT4jDkRimsU4jEsPIkyyYnlkIykiKFqhiIVFvehu77kt5ospncH3RIo0hojUVbmDHoVVcmV6qyirbOaAwjGATUOX2K+2oJsRY6gQK1bH5y39vkJbb4qZAI7lZ+e7JH15369aA6v7XI7Y4a5/KjdhuofY+81PEK+78JHNgmz8NrQT6o9FgKV01h5SqVBe4CxQm983cqMhne3EctvRA7GFjfG4Lu8+jbwHR4f4aRc/wBzQvzONQRpu1U7QrmCLpkzNUlWgi8PYrfpNpnI060DuYRMoDG3UcSdR3845EghEeKGkIvc+RTooQLw9JcOzXcRFOIbkM7whJ+nV7TGJtocB1JqGnH8CsYlpr62zmHah6rB+wKgRv34TUZuR4ioHW8awyuedvV9nRG4vbhpYUxiq1Z90P1CVMkzGxXCcl4trgsDZkrWi7Nfb+Lqt3fuscDAqOX96khz5CntiCSzUYKhPgykIEz4XkU62veqkx58D92ad61RVbGj/Y7Z6PQ4O0J723miSD2pmNhDY78IzMYOc/++UzpLTeHff/YwLhJMSI8wd/yNZWjdEVdh QZageURF SS/R4YiZsYqyMfbjx8Fx2XZ8YDaHOJzXg7e0txIUGhEpTzkifhzGEzUXxrxSDO4JZzCIsiGrLAU9C6AVIQxKAcqDsoXJ3JeK0EXmcBhzYPYD3m0VRY83f+WW2wvL47JoiQzEXgsM8RDfUnZ5e4chgmt5TJ/f5IlsyE3zS0j9BQca1ocpy+8EQTEz9OQhOlz/yRn5za24h84etXKIwA3Fokq2PhQg9OywL22aY3mq70WfWc9r11u9NS3Cle2oSBN2X1Z4CsYk27zr1WqKyId8AIKi396H4xRyCdOlh6bc7mImOUqMZIdz23LPnukAmgaqB+kA0Dfa7mUa2PoYhNodIx7ZEoL2UYAeqGlIp/129t+lryrXLTSzPTarFhh0STeEuznQJ X-Bogosity: Ham, tests=bogofilter, spamicity=0.002203, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Tue, Feb 25, 2025 at 10:38=E2=80=AFAM Kees Cook wrote: > > On Tue, Feb 25, 2025 at 03:31:06PM +0000, Lorenzo Stoakes wrote: > > On Tue, Feb 25, 2025 at 07:06:13AM -0800, Kees Cook wrote: > > > > > > > > > On February 25, 2025 2:37:11 AM PST, Lorenzo Stoakes wrote: > > > >On Tue, Feb 25, 2025 at 08:45:21AM +0000, Berg, Benjamin wrote: > > > >> Hi, > > > >> > > > >> On Tue, 2025-02-25 at 06:22 +0000, Lorenzo Stoakes wrote: > > > >> > On Mon, Feb 24, 2025 at 10:52:44PM +0000, jeffxu@chromium.org wr= ote: > > > >> > > From: Jeff Xu > > > >> > > > > > >> > > Provide support for CONFIG_MSEAL_SYSTEM_MAPPINGS on UML, cover= ing > > > >> > > the vdso. > > > >> > > > > > >> > > Testing passes on UML. > > > >> > > > > >> > Maybe expand on this by stating that it has been confirmed by Be= njamin (I > > > >> > _believe_) that UML has no need for problematic relocation so th= is is known to > > > >> > be good. > > > >> > > > >> I may well be misreading this message, but this sounds to me that = this > > > >> is a misinterpretation. So, just to clarify in case that is needed= . > > > >> > > > >> CONFIG_MSEAL_SYSTEM_MAPPINGS does work fine for the UML kernel. > > > >> However, the UML kernel is a normal userspace application itself a= nd > > > >> for this application to run, the host kernel must have the feature > > > >> disabled. > > > >> > > > >> So, UML supports the feature. But it still *cannot* run on a host > > > >> machine that has the feature enabled. > > > > > > > >Sigh ok. Apologies if I misunderstood. > > > > > > > >Is there any point having this for the 'guest' system? I mean securi= ty wise are > > > >we concerned about sealing of system mappings? > > > > > > UML guests are used for testing. For example, it's the default target= for KUnit's scripts. Having sealing working in the guest seems generally u= seful to me. > > > > > > > 'Having sealing working' you mean system sealing? Because mseal works f= ine > > (presumably in UML, not tried myself!) > > Sorry, yes, I mean "system mapping msealing". > > > > > System msealing lacks any test in this series (I did ask for them...), = certainly > > no kunit tests, so this seems a bit theoretical? Unless you're talking = about the > > theoretical interaction of kunit tests and VDSO sealing? > > Right, I meant theoretical interaction, but it would be useful for > future KUnit tests of system mapping msealing too. > > > I mean can't we just introduce this at the time if we believe this'd be= useful? > > Perhaps adding it as part of adding some KUnit tests that exercise the > system mapping msealing would be the most sensible. > > > Generally I'm not a fan of adding features mid-way through a series, th= e > > revisions are meant to be refinements of the original, not an evolving = thing. > > > > So in general I'd prefer this to be added if + when we need it for some= thing. > > Yup, makes sense. And it may be that KUnit tests need to exercise more > than what UML can support, so even the KUnit idea may be invalid. > > Jeff, let's leave off UML for this initial "minimum viable feature" > series, unless there is a strong reason to keep it. > Sure. It will be removed unless someone raises a strong reason to keep it. UML can be added when future KUnit tests need it. Thanks -Jeff > -- > Kees Cook