From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 82A9AC001DF for ; Thu, 19 Oct 2023 23:06:37 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E6A668D01AE; Thu, 19 Oct 2023 19:06:36 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id DF5CD8D0003; Thu, 19 Oct 2023 19:06:36 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C6C048D01AE; Thu, 19 Oct 2023 19:06:36 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id B46488D0003 for ; Thu, 19 Oct 2023 19:06:36 -0400 (EDT) Received: from smtpin13.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id 8A9C9405A3 for ; Thu, 19 Oct 2023 23:06:36 +0000 (UTC) X-FDA: 81363747192.13.3D6DF64 Received: from mail-lf1-f52.google.com (mail-lf1-f52.google.com [209.85.167.52]) by imf09.hostedemail.com (Postfix) with ESMTP id 8908F14000C for ; Thu, 19 Oct 2023 23:06:34 +0000 (UTC) Authentication-Results: imf09.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=google header.b=JzAmNKXo; dmarc=none; spf=pass (imf09.hostedemail.com: domain of torvalds@linuxfoundation.org designates 209.85.167.52 as permitted sender) smtp.mailfrom=torvalds@linuxfoundation.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1697756794; a=rsa-sha256; cv=none; b=BHRalc/evSZFgRv3QEvQ7acXKqdi2urZo02niEvD1tsCAlYHBjyQGFXeZQnQN9oz2T+diO Kkj3JY+mPGvXvb/niskASWHx7UeyP6bKZId5BuOZxEUNKKOXeZL+Vprm/5oigvsJxfHDZt E0PDMPaediOTjn40fhXus5bpo7sTo58= ARC-Authentication-Results: i=1; imf09.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=google header.b=JzAmNKXo; dmarc=none; spf=pass (imf09.hostedemail.com: domain of torvalds@linuxfoundation.org designates 209.85.167.52 as permitted sender) smtp.mailfrom=torvalds@linuxfoundation.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1697756794; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=vyephYMGi9WkrF+MMy/aTcTtLZAvJsqtW+X3GM9oKyI=; b=vL1kboZJP/MP7AyanPRBFl5Sr6PMbltIxygf3tu4VAigIpzsjhjqkHr5ygwIqQ9MmE9twb KFD9sExfLUm4SWZ+K0N3cGlonsr+whnZb43PdI7SRCSluSTe5Ys/+d2LTC7NOP18GQk/7l qOdJ6cvV/N3GwXMqGkHK03bxV3SjOH8= Received: by mail-lf1-f52.google.com with SMTP id 2adb3069b0e04-507a936f4a9so234906e87.1 for ; Thu, 19 Oct 2023 16:06:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; t=1697756792; x=1698361592; darn=kvack.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=vyephYMGi9WkrF+MMy/aTcTtLZAvJsqtW+X3GM9oKyI=; b=JzAmNKXoCDCL2ThdWfSrRHv7iYA5Crlu1cn4P+cfaLgIb7rxH9iez5M32LWdU3CYff aECs6m55MekxhybDayAaKAOvGJhe5rjTc3ANM0P9734+TSpHN42gHqMO6dibypiyHbJe Q/JumO1t0Zlh6nxXhehh+i6WV/cSlxuQDTANM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697756792; x=1698361592; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=vyephYMGi9WkrF+MMy/aTcTtLZAvJsqtW+X3GM9oKyI=; b=b15l8Zl6qU8W34/8YKuBbIKMD4lE+wXKIkeIDT0LjhhIHHiNPGsgHLY6Gcfe8hY0cC NG4AMjIeDe+0w89xngTGV1Uo8WX42+Iy4eZa13/cZlidegWCUVzAbf8O5vGW/Wcy0GTx RISBO/eftX2ioIKLnDpdWNnxPmkw8rLOZekrZRJTwt93WCragwzib95kou9L5On9B53r DsWW/kQteSWTxcCwdAnl69qNRYmU29KQ7xIMdQ9X25sNhsJBwwfCTzcq14RQiOXSokhp sfwrmuEnA++F3FOsT5Yc16tXEJdGyw1BknijqIlphWWZbPSLbih/GhJeSTTqfGvFG0tj 7Vsg== X-Gm-Message-State: AOJu0YxX/ZQgw+WW+ZJ5v9CgBYiq8NXQysQLxfjZuP3mzhO5JNkEvm1T tTM/qFHS+A3bW1AU6q8Q20bDTEexi2DeeQy27ftPXZuC X-Google-Smtp-Source: AGHT+IHOK0Ox1CvERrXa+1GCS4/Zq7kO/njstJgJ4x7st6DUOE7lB1rlfRcvSUe9BNHLXN1nZw3MAg== X-Received: by 2002:ac2:5967:0:b0:500:90d1:90a6 with SMTP id h7-20020ac25967000000b0050090d190a6mr71269lfp.63.1697756792468; Thu, 19 Oct 2023 16:06:32 -0700 (PDT) Received: from mail-lf1-f44.google.com (mail-lf1-f44.google.com. [209.85.167.44]) by smtp.gmail.com with ESMTPSA id be9-20020a056512250900b00506892e2761sm78963lfb.24.2023.10.19.16.06.31 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 19 Oct 2023 16:06:31 -0700 (PDT) Received: by mail-lf1-f44.google.com with SMTP id 2adb3069b0e04-507c50b7c36so220596e87.3 for ; Thu, 19 Oct 2023 16:06:31 -0700 (PDT) X-Received: by 2002:ac2:533c:0:b0:503:3453:ea7a with SMTP id f28-20020ac2533c000000b005033453ea7amr52431lfh.66.1697756791018; Thu, 19 Oct 2023 16:06:31 -0700 (PDT) MIME-Version: 1.0 References: <20231016143828.647848-1-jeffxu@chromium.org> In-Reply-To: From: Linus Torvalds Date: Thu, 19 Oct 2023 16:06:14 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [RFC PATCH v1 0/8] Introduce mseal() syscall To: Pedro Falcato Cc: Jeff Xu , Matthew Wilcox , jeffxu@chromium.org, akpm@linux-foundation.org, keescook@chromium.org, sroettger@google.com, jorgelo@chromium.org, groeck@chromium.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-mm@kvack.org, jannh@google.com, surenb@google.com, alex.sierra@amd.com, apopple@nvidia.com, aneesh.kumar@linux.ibm.com, axelrasmussen@google.com, ben@decadent.org.uk, catalin.marinas@arm.com, david@redhat.com, dwmw@amazon.co.uk, ying.huang@intel.com, hughd@google.com, joey.gouly@arm.com, corbet@lwn.net, wangkefeng.wang@huawei.com, Liam.Howlett@oracle.com, lstoakes@gmail.com, mawupeng1@huawei.com, linmiaohe@huawei.com, namit@vmware.com, peterx@redhat.com, peterz@infradead.org, ryan.roberts@arm.com, shr@devkernel.io, vbabka@suse.cz, xiujianfeng@huawei.com, yu.ma@intel.com, zhangpeng362@huawei.com, dave.hansen@intel.com, luto@kernel.org, linux-hardening@vger.kernel.org Content-Type: text/plain; charset="UTF-8" X-Rspam-User: X-Rspamd-Server: rspam06 X-Rspamd-Queue-Id: 8908F14000C X-Stat-Signature: bzfuxr1561kip67d6e3bnto16iqxhykn X-HE-Tag: 1697756794-116767 X-HE-Meta: U2FsdGVkX18WlrjhRX3o9MJwCwrlAUD5sotUfprU0RvpPaO/CGbeCvXjCLEcW+8dsx2G+NQBlI3w/se0PYkQoQsHwu2d+3DDmKXLpc4rgMA9DzEY/Kc4tDmctl8oRNe74IOScEgmJoKJ7BINORpR6wJX3PMHDb/BBVwNoyzssrn+rlWsw8QkHvvKX0N2YE8abniFxRGXJcXkyKa5adRnSYpnMQ48g1vNZj8onB2Fgn9cwKWxom9FlWuoAR6Ij5jzZE79aUdr0A+V+aLyl8WLKBmC/bQk6HT8U7hXiBt0wL5i7kSBpBqoiCho3IDTKIH9WUnSFA2qAxCEJpzSTedLix/MnCDFwFUL4WiHX8jCtR/AD3v6FEqvaqCgGxTToblv1UnVm33PflJ6i9vVrbXj0cNTajzm8hB930s7il8QVdXfDaWIGrGdYfObt1/D/IBJV4vn69LgMrsvIX95wGtpXDD7U5LNAOu6eZ4/PTjp/CYQCl+Psr9WIgrZ92h1RilJjglyzmgQSC4kbF1DqNp1WJQtLbwKtqL+6GUoaIeafkOhe8iYkw670OEcjENgMjfl45B8F+xfauD+isv2dYWa7rqpUg5OInlkKyJ8MAo68ScnwRA5Y/kAJaomVThnWJhClf+UFR4wV2lYtKRCX3PnmJ1p60Kg2YAdx2XGfpgxx1cnT8G9fc4s/uVeqEU4ZUeV52BvTZjpDkKD7Mo4V9YyFYNLz9HhyTqzFrvRaYpTH7l9EGAoF79a14SMpcO8Qf4/RcYeIrKjDIZcCzmnkOY/exiLIDebk6jFydOP7huyurBeLxxacP90PRm7mljihOUH13kDosilRmUuyNJeV30q9JMbflcNaobg0n/K/CGv2b3JcGU/mjcNQ8fJ27eQUphhc43r5wkbXAGq0Ch5Tg24QXVwpLVMhCpjgVrQmnctdaPYegInyeYVxZhODCWl6mG4MAZwHiIPnoSFA6rIHyt q6VVJpA8 w5nohOaxBKqBP7nsTn7Rlz7XBXOvtvANBCHmaDFWMBUYzfP+IiAvZ733ZNvS9LmuluRnJiiwtzsxyJB7OzYiAUwL0IpUilJoOeCLYCdwGaeyljrrYt3is1v/k9KbVuJ/0bDMDB2XiP9qPpp+4ITHTINWwDDTN7DKMkjRdP43/Cf7JLqL6Q4+P6SnHWKMFnGs9VGBE/cF33WXk4iecKLKZ9h6R2hBttZ0oCg4tr89r1jJyNTt8US1G6BeW3ZF9xuLm7eY984330/uWbtFz29Kee9pYKtN3Up8RkrUpBcXObN1ZNOYic8yNM3hhJhulRJh7SBKIaS9MPc/H79lXmRlT9Qq5u4fFRopYx+sl6nPNhZbJHTNF9rLtHsImJ3SHq23UWf5ghzDU1Ac4IS7NIk7+ZlNjvOrdTlKb4uzMXmlnvctdCGYYmHI0UbCIrwBN3d7MrcoZqSfrTyantU9JzC8jdvaSkD/DgNybXP8yBhHOOi4hoqVL8MwGeZitGCv9/0z+i7gn18LYA3zeJHHglx7rlGwKLQeDPoJJqc4oHYY44nzTodFjgJJ7wPAspg== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Thu, 19 Oct 2023 at 15:47, Pedro Falcato wrote: > > > > For mprotect()/mmap(), is Linux implementation limited by POSIX ? > > No. POSIX works merely as a baseline that UNIX systems aim towards. > You can (and very frequently do) extend POSIX interfaces (in fact, > it's how most of POSIX was written, through sheer > "design-by-committee" on a bunch of UNIX systems' extensions). We can in extreme circumstances actually go further than that, and not only extend on POSIX requirements, but actively even violate them. It does need a very good reason, though, but it has happened when POSIX requirements were simply actively wrong. For example, at one point POSIX required int accept(int s, struct sockaddr *addr, size_t *addrlen); which was simply completely wrong. It's utter shite, and didn't actually match any reality. The 'addrlen' parameter is 'int *', and POSIX suddenly trying to make it "size_t" was completely unacceptable. So we ignored it, told POSIX people that they were full of sh*t, and they eventually fixed it in the next version (by introducing a "socklen_t" that had better be the same as "int"). So POSIX can simply be wrong. Also, if it turns out that we had some ABI that wasn't POSIX-compatible, the whole "don't break user space" will take precedence over any POSIX concerns, and we will not "fix" our system call if people already use our old semantics. So in that case, we generally end up with a new system call (or new flags) instead. Or sometimes it just is such a small detail that nobody cares - POSIX also has a notion of documenting areas of non-conformance, and people who really care end up having notions like "conformance vs _strict_ conformance". Linus