From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 05859C04FFE for ; Wed, 15 May 2024 00:44:09 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 640A18D0055; Tue, 14 May 2024 20:44:09 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 5EF498D004F; Tue, 14 May 2024 20:44:09 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 4698C8D0055; Tue, 14 May 2024 20:44:09 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 281F08D004F for ; Tue, 14 May 2024 20:44:09 -0400 (EDT) Received: from smtpin05.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id A549E1C1A06 for ; Wed, 15 May 2024 00:44:08 +0000 (UTC) X-FDA: 82118783376.05.3E4CEB0 Received: from mail-ed1-f41.google.com (mail-ed1-f41.google.com [209.85.208.41]) by imf01.hostedemail.com (Postfix) with ESMTP id 7BC7340007 for ; Wed, 15 May 2024 00:44:06 +0000 (UTC) Authentication-Results: imf01.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=google header.b="HMZH8C//"; dmarc=none; spf=pass (imf01.hostedemail.com: domain of torvalds@linuxfoundation.org designates 209.85.208.41 as permitted sender) smtp.mailfrom=torvalds@linuxfoundation.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1715733846; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=7OZvAiAEdwWZe22j4pRu5oxfNYFobcCpcqXbwXMC6CU=; b=O0jQzBH/rZhgclSfuaGreXTZKZl+tcxhZ6YNgdXcWh7HmP/GM2jHGaz2lWh5kelNfwYqDP qRHz5EGm1VPYGjoYnKgvh4azdMCtLrpyXm1k/nHWAc0oR0uq+Roq7V5xwTPWvj5Hzvn5k4 pVxLHLk0TUrBc3YTyAw8mPSaDFGrAKU= ARC-Authentication-Results: i=1; imf01.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=google header.b="HMZH8C//"; dmarc=none; spf=pass (imf01.hostedemail.com: domain of torvalds@linuxfoundation.org designates 209.85.208.41 as permitted sender) smtp.mailfrom=torvalds@linuxfoundation.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1715733846; a=rsa-sha256; cv=none; b=Q27UvlM//GP+3hNUItNXm12fROH9hPAX5iiYjB6W/lNCGotkaz7VibhuCVykxyfI9Th0FR 9JwRQIjCNrQtkj4ijenMi4Gf/KbJHIiREyD+Lwh34DiaN+Cfj/RIIhyQ7E+ibdMmCtIK7z D2ryXxuYPJ30oFN21DlOY331FG5GL6M= Received: by mail-ed1-f41.google.com with SMTP id 4fb4d7f45d1cf-5708d8beec6so927939a12.0 for ; Tue, 14 May 2024 17:44:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; t=1715733844; x=1716338644; darn=kvack.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=7OZvAiAEdwWZe22j4pRu5oxfNYFobcCpcqXbwXMC6CU=; b=HMZH8C//SCZIy370YTsgsexMVWNKzOH1DIH66xUWykDjtxkMJBb0YPvG65ucLpOufm 1qf5VUt21D6RcZqbZiiL4AW7Xao3HnS1eTE4cEc2Ab0wfh0cKdFQGdZd6xnlJ1bx9ciW 91Sr1iQz22ERvxnYUHUpQekrxYhAjLzVcprbE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715733844; x=1716338644; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=7OZvAiAEdwWZe22j4pRu5oxfNYFobcCpcqXbwXMC6CU=; b=klj5xEAevlRMIKYlNH2oMVx0NQ7f/ST9TUgOzaR9PktoOBbzrASYAluGH7psGvXnnW 4511PcxUjZ3YlJZ031W8IrE2NgDO0HYTwJDOc/XgyWMqM2wxdACfnJmrLugMhMXDE6IG CKFAA2H4gsCrHC5/APD0S2bPzUmdSWdVpjAtEtJbs0ZpkaQgWenfna8y/QRyudT74uoz javd0xeNXB1dvoLkSW4B/QwhkZLetlfbflBUOpTTIWebRjf9uc4CaHf689wI1PJmSeXM 6pNNBNYwEK+OBtHW/Rt5a97iH/47IRfh5R2hUy/4u4UJ0xLW6+ldGRUa05VGrXR0gIzd DZgw== X-Forwarded-Encrypted: i=1; AJvYcCXq7G8O7l+9WpGvQ4Ci/mARFYr/51JRhj/GnEak76t56BiVClpv3bX7mhMQECJCOUTLnFA9ajKJL+gOkAblqCGHrlw= X-Gm-Message-State: AOJu0YxRh1Cnxbw7UXFuwHSxe+YtjFPS6ygfy2DoNaFFeFCN50kFFNuh Bi09DYrTRoXeAIwh0uq2yaiecS3bTfuUh+VqjavnEzmwluyNggxyZK/r1dl3NSkaduXcHRmk/f+ aSW0uWA== X-Google-Smtp-Source: AGHT+IE8H1YYciwo6A1Ym4ai44GgtYtQRjfPcvSIeKmyfasUbFYdPSdEsAlJ6+u/gwFU1Qyde9CG3Q== X-Received: by 2002:a50:a45b:0:b0:572:6dd5:67da with SMTP id 4fb4d7f45d1cf-5734d705b2dmr13554498a12.36.1715733844777; Tue, 14 May 2024 17:44:04 -0700 (PDT) Received: from mail-ej1-f41.google.com (mail-ej1-f41.google.com. [209.85.218.41]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-574ec273185sm827743a12.42.2024.05.14.17.44.04 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 14 May 2024 17:44:04 -0700 (PDT) Received: by mail-ej1-f41.google.com with SMTP id a640c23a62f3a-a5a4bc9578cso84228666b.2 for ; Tue, 14 May 2024 17:44:04 -0700 (PDT) X-Forwarded-Encrypted: i=1; AJvYcCVbDyCg85fPEkpNM0Ea6Xmp90C15tTD8KpDnc5arw0DwW7IwNW0d8EpwjYlbXDRsGv0SmbdQBqnxhtwN8uPeqUGuO4= X-Received: by 2002:a17:906:a010:b0:a59:a9c0:57e6 with SMTP id a640c23a62f3a-a5a2d675dafmr1290775966b.75.1715733843947; Tue, 14 May 2024 17:44:03 -0700 (PDT) MIME-Version: 1.0 References: <20240415163527.626541-1-jeffxu@chromium.org> <20240514104646.e6af4292f19b834777ec1e32@linux-foundation.org> <871q646rea.fsf@meer.lwn.net> <56001.1715726927@cvs.openbsd.org> In-Reply-To: <56001.1715726927@cvs.openbsd.org> From: Linus Torvalds Date: Tue, 14 May 2024 17:43:47 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v10 0/5] Introduce mseal To: Theo de Raadt Cc: Matthew Wilcox , Jonathan Corbet , Andrew Morton , jeffxu@chromium.org, keescook@chromium.org, jannh@google.com, sroettger@google.com, gregkh@linuxfoundation.org, usama.anjum@collabora.com, Liam.Howlett@oracle.com, surenb@google.com, merimus@google.com, rdunlap@infradead.org, jeffxu@google.com, jorgelo@chromium.org, groeck@chromium.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-mm@kvack.org, pedro.falcato@gmail.com, dave.hansen@intel.com, linux-hardening@vger.kernel.org Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 7BC7340007 X-Stat-Signature: scgto9oqsxxo4qbydp3uk6urkw5ahcn1 X-Rspam-User: X-Rspamd-Server: rspam08 X-HE-Tag: 1715733846-160986 X-HE-Meta: U2FsdGVkX1/hBKVzTF6WjrSKBqnnCEKZ300drXJJduds9+/bnEHTAwr36WrKQBygtpljqwQ7sghtNyIA91Et3YT1FNJzMGXpLNlodU6/YYWQhLkprLLo9aFrzluJ0snPmqRSwCmWBucaKk34prHNyyyIp2Hf6zcX4kclAv7H1PttqmJ990FzdYQ59F0PXD6Isu6/zuVH0YfnB1IFzw/MDpj9yV3iV5NKtv/AQcte2T/jwFPf+U/GNH9mhmFyNWRp3HoTTIK4ZXcAVrjhqagCLzSYJoOe0O03bsYudihAdBZvZZg4lDwGfSt2soURY9hs0eBAueWItKxup7Xz3kD++zvUudFZxJTRKZ3dqkoDlUYRBgUpnFUmjBMAcgye4943ezlT+iYexmUyu6ja7Dkn9LQJFbWPVxglKsm6NlagdZ28S3/yLs5gdIvAq6ZKqQIYgteJYTlOFCsoOCAs7xSwPi4nPkgGZYlKLRnBKaQ0O8L6WhKjDen5XOUrPSTg13gCK3zPw1CQ2Tn7BSchAFvZITNKbH5OZ8jYIGGjyOEb7LQUxVww3zl9QShlLnZQ9hnuat6uV+9ViLoL4IZoAurHWr9GC6vCfd7dj83jUFY+/sy86JK1/2lnlpStLY6JSrHMxSd7DFYOCkg82WA+wCwDTwb796o2sFHGGjk3QJG0peFRVx/v9DbMdcPd1ENy/NdHM6To0NEmAbWSOTowpe2UoX/p/5Z4/tD2eRt2LGfQfn9q06GKZoafEib2IeJw2NtzsdCppMp/rH1esGKmF1yCCCxIXhUcLTY5Fd9si8GYnGAGn8hQk322FNANBb/3kgQTVXIDiMdUlE8cYuBE8qHJJEjLyarz5SZB3Wj8vQi9Gin5e5i/ejuBubqcO/6EWA70Krx3HHURwegF60tBJxIBq5KMdoxHEBMxhSxoJV2Qww9JTl+oN/UIyaUPf2Etn7bIrl8AuDlTDk9gllntErf VsTMy4Ps l8VzI2girtcw5mtdMCAPuI3OCekx9GiEuzCJo6i8YRDyOBJzyBTWGphieOTw0d+80Z4dVsx1UUSkEf/7lUYwr/VdA+yaHkqNRVAiC6veqVCjjC0td+WK+NHVvyIBf2eIbSB7gtAIgBfnWeic0dBEy8kHLpjM/OdSt0/pISrC0PoaDiuOY9/ZzR7SpCu7Xx/s6sKsn/UpRVSFttaV4mUN7k5ubAGGm5jKQt3Jts5fsTYaL+mV5dJAEUrRw69Hm6LfuMeK++VyE1h5uLPAI1PJaKea5Y7iqfdhmcLaqPwh2HsXt7dIQo71XX0DDaq90UNAM8ml1xnxupF4q03AdUf/KlLYWmo5F0CVpNCF2OC1nOu6eaZJT0/8ILjx7r8hGb0LhDkNlHgftAq1DMcsHapswgwW4eMo5x5I+d44FKSIfGJfpJRQFCIB0NgfXZ5Cc56jNl2sk8+EVYx8GD9+ZfpKbobMFC3CwqgP2L/xA+nvFpWQthQcz21xFHvHjNbj+SWWisrvLdxp2gr3cMRHtKSNb/LEOiVNMgxgwhtTXytBoM0tHg73DrzBaDMvjbxU9keV/lOnIhd475Ofdwx9Hrb0dwoOCPJYQI8uynJK9yjwP7Q1s7tGgNFvX2NmJvgZK9ljvWrg9 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Tue, 14 May 2024 at 15:48, Theo de Raadt wrote: > > and can't imagine it affecting a single application Honestly, that's the reason for not caring. You have to do actively wrong things for this to matter AT ALL. So no, we're not making gratuitous changes for stupid reasons. > I worry that the non-atomicity will one day be used by an attacker. Blah blah blah. That's a made-up scare tactic if I ever heard one. It's unworthy of you. Anybody who does mprotect/mmap/munmap/whatever over multiple independent memory mappings had better know exactly what mappings they are touching. Otherwise they are *already* just doing random crap. In other words: nobody actually does that. Yes, you have people who first carve out one big area with an mmap(), and then do their own memory management within that area. But the point is, they are very much in control and if they do something inconsistent, they absolutely only have themselves to blame. And if you have some app that randomly does mprotect etc over multipl memory mappings that it doesn't know what the f*^% they are, then there is no saving such a piece of unbelievable garbahe. So stop the pointless fear-mongering. Linux does the smart thing, which is to not waste a single cycle on something that cannot possibly be relevant. Linus