From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8F648C25B75 for ; Wed, 15 May 2024 03:37:42 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id A8D998D006A; Tue, 14 May 2024 23:37:41 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id A3D448D004F; Tue, 14 May 2024 23:37:41 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 8DDA98D006A; Tue, 14 May 2024 23:37:41 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 6D6198D004F for ; Tue, 14 May 2024 23:37:41 -0400 (EDT) Received: from smtpin14.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id 1379EA1E33 for ; Wed, 15 May 2024 03:37:41 +0000 (UTC) X-FDA: 82119220722.14.13D1ED0 Received: from mail-lf1-f43.google.com (mail-lf1-f43.google.com [209.85.167.43]) by imf15.hostedemail.com (Postfix) with ESMTP id D9975A0005 for ; Wed, 15 May 2024 03:37:38 +0000 (UTC) Authentication-Results: imf15.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=google header.b=JLQOHosV; spf=pass (imf15.hostedemail.com: domain of torvalds@linuxfoundation.org designates 209.85.167.43 as permitted sender) smtp.mailfrom=torvalds@linuxfoundation.org; dmarc=none ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1715744259; a=rsa-sha256; cv=none; b=T7LLw5jcIJBhtPG/ta45xjZUqx25Ah8I+5noPoMpo3ojZwgCmest8Jr2Tk+8vsAriV/Wez ccWYuvCA4pXzpwqJ4NmhqdMuv9M5lr9p5ZdvmDm6J9qsOnQWct8eg8zBkk/tTf1izYRgSp sZ0C2hRRdA+Xb1qAvCbos1TWjQ4OF/Y= ARC-Authentication-Results: i=1; imf15.hostedemail.com; dkim=pass header.d=linux-foundation.org header.s=google header.b=JLQOHosV; spf=pass (imf15.hostedemail.com: domain of torvalds@linuxfoundation.org designates 209.85.167.43 as permitted sender) smtp.mailfrom=torvalds@linuxfoundation.org; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1715744259; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=s05R5WbZKAqPwH8O5MN7TtiDlbeN3dQ+l+K+4TPNREM=; b=0+8nvXr/LhMWY/77Sr8j9qTh+MYMJzjPaC7Hkw4HCUmbxGzTGk5rAr57flhpsuhgEA+Vem J4fwyIbtQlJR9tKmUft10IBsbyZ9AvzSCMI5iKPYY4yigrJcPgPPtvsvicRDtRWA4ARqtr bkIlS8voEvTlQyAiDr6Bk5XHa6EqbdA= Received: by mail-lf1-f43.google.com with SMTP id 2adb3069b0e04-5231efd80f2so3887166e87.2 for ; Tue, 14 May 2024 20:37:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; t=1715744257; x=1716349057; darn=kvack.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=s05R5WbZKAqPwH8O5MN7TtiDlbeN3dQ+l+K+4TPNREM=; b=JLQOHosVdY1g0Sr4YG64xY4NL7188Vl7v6mSM4m/UDOjST6sJk6egt1pFmRdnjTu1r QvVCxBhpCIZelU8rMa2ZnnNHGHZ5xPwOVhHZ2js3RQchoIKRqz3mwDsvDs0wPkLxRIip 5vjEz9dLt1DaNbasWjxUTwvCYR5tP6gGbn8Bo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715744257; x=1716349057; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=s05R5WbZKAqPwH8O5MN7TtiDlbeN3dQ+l+K+4TPNREM=; b=vHHm1asrGqqMoLEl5x8FKO5LoQSBX230b/y+o5yaDTo7dNwVG+vzRYDo9+hKfEFWiR G4jhl934ovtkoVpFscAKU7G0KCV150Pp2tirxTpk1sb8t0ns5fb9XuwFtozo1dzixANq QDmd7rCRSsOkm+2VO21a0Q5FnS9foShjLMvC+t/abLAaleLFScgNj4dKpRYxasrJXVxe C+TluAmh+1LPJtR7QV+PiitSX3VnY7xMbevpgE0p1oV2SMWOKuSlKg/D4wOvvvxp8IVW iIhw9GUb1tY/4bkxSBQ1ZjPX8VO3q6owyrJSQODuEkZUazGoGS6md47Q3Is6KDHLpEyB 8m4Q== X-Forwarded-Encrypted: i=1; AJvYcCXMMjgTc7lTIYOUIMOIKQSRop5+8Qxf9mBTp1aAithPTEK2QUMAFtNWqmn1HYa/DoWK3nTUod76oC+DKofnuAzFQE8= X-Gm-Message-State: AOJu0Yxh38Uu3XIkV7e19f+FDjGZNkiik5b9WA6c6Kkm/ePh9iIZIn1R rjWII0n0YfQwleKE1+AgsXXFJGeG/g0BrnUgQprPeXmQFQZAHF54W6RDwp4pWkUZac5jSWCcM62 heG7LJw== X-Google-Smtp-Source: AGHT+IEq1oXkIn/lwk7ZV53O2hqcC6ry+sTvbXA+tqw0XjbQtBpJDQOXOPD1AeXxAdW3XqaIKyDNOA== X-Received: by 2002:a05:6512:3e1e:b0:523:2ed9:edf9 with SMTP id 2adb3069b0e04-5232ed9ef10mr5552140e87.63.1715744256882; Tue, 14 May 2024 20:37:36 -0700 (PDT) Received: from mail-ed1-f52.google.com (mail-ed1-f52.google.com. [209.85.208.52]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a5a17b01451sm808194466b.149.2024.05.14.20.37.36 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 14 May 2024 20:37:36 -0700 (PDT) Received: by mail-ed1-f52.google.com with SMTP id 4fb4d7f45d1cf-572e8028e0cso929131a12.3 for ; Tue, 14 May 2024 20:37:36 -0700 (PDT) X-Forwarded-Encrypted: i=1; AJvYcCWKcb1dDIGJQUwaE+57I2y9JsEGNsivO46kaM5tB022gnTme5fsjwdE/BsoB9iEyx5DHkM02MJjmK3xrCaj4UDnsPQ= X-Received: by 2002:a17:906:3d6:b0:a5a:7ce8:f52c with SMTP id a640c23a62f3a-a5a7ce8f6e1mr298659166b.16.1715744236120; Tue, 14 May 2024 20:37:16 -0700 (PDT) MIME-Version: 1.0 References: <20240415163527.626541-1-jeffxu@chromium.org> <20240514104646.e6af4292f19b834777ec1e32@linux-foundation.org> <871q646rea.fsf@meer.lwn.net> <56001.1715726927@cvs.openbsd.org> <20240514160150.3ed0fda8af5cbd2f17c625e6@linux-foundation.org> <92453.1715730450@cvs.openbsd.org> <20240515025811.GA1232@1wt.eu> In-Reply-To: <20240515025811.GA1232@1wt.eu> From: Linus Torvalds Date: Tue, 14 May 2024 20:36:59 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v10 0/5] Introduce mseal To: Willy Tarreau Cc: Theo de Raadt , Andrew Morton , Matthew Wilcox , Jonathan Corbet , jeffxu@chromium.org, keescook@chromium.org, jannh@google.com, sroettger@google.com, gregkh@linuxfoundation.org, usama.anjum@collabora.com, Liam.Howlett@oracle.com, surenb@google.com, merimus@google.com, rdunlap@infradead.org, jeffxu@google.com, jorgelo@chromium.org, groeck@chromium.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-mm@kvack.org, pedro.falcato@gmail.com, dave.hansen@intel.com, linux-hardening@vger.kernel.org Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: D9975A0005 X-Rspam-User: X-Rspamd-Server: rspam12 X-Stat-Signature: qbfqi6qhmqm47y39xcww9ggesmxsrc3j X-HE-Tag: 1715744258-274933 X-HE-Meta: U2FsdGVkX1876OEukTS63KAHDpP/+UHJBmbq+052AAEZac1seSw71Atkq/Gl62x8Gl8HnHfxk0jyYH8zBy57tNHx58NKaFoZ4RlwJ3IiM3S+lcZfJakXOljuvwJoZsRmwJYawTLNs8EZQ9iuUtU3u+7uYxDvC0fBkVUPdyfNIEvt8cUFrFoXLCbyzUNCwLGpEUU4PRJIdP+YMlInGeVXPHfR5Ln9sxbDRS1zVR4zOZ02hOeKuHXS4pM0JKKNmsuuuwLrep6Ntml1qUuUdGcYklZFtvCE4YoqX6xCoCYKdgXfyejy/SALATEFCfWALXwAN6jTHpReSHhKzLfA1wbidSvYg5hRxL3ouGFsVBiBkAkiuBkAKCCyqfMmFuxLTUPJ1gw92yV59S154QgO+UWkMBzahGZizUe14qYVWqb3zSiPCNsrctViy71aZFZm+JW/r4M0aRAS/0mju4JE23TTwDv0yOEwShIR1dzC/rMojkWHlZKRjhzaXzJnZK9vavxzDeNoq5voEIJLkyMnRkT4tkU0EkhgnQCRDrG8n7T6raUnNmtR73GfgFod+bo2XCOTRq6BcGz05Uo9+dhWPKkFNJLhprB9tqc8HtXVfGS3I1KWCofBaLwq1ZgmkzefHRlJzJ3hotJT4y0Jak4XtTPLXdiwDFQoVL0+JxgpPYaoCF+d2SDlp/MNzl2YE58hNjY1xXsNfeVoZzvStykSQUV3urUmf7vkwO5ecxqrp/Qbs9PhwAM8qpEXuzjsXumHZO9TtNVLZ371WuL12LrUaVOvlzmtH2HUtvYEAZAZTos8z/eVbXocVxvIqH1jtMY5Dof9tvVlD/ndyJb4t1UrXXIPgZWWRXMzypkaboCKWJNTYmYFHSrJy2JDscFUfheKLRd0ByIgmRlVcPY8mDp2y7wr4m4WfRid3jDbazyq5jZsAHrNY82AOSUabhbGa1tC8e0Upx4p4ZFZ+SItCTtJGd0 XkcHf+4s Ad0TMvZM/VfQxEu616iPZwUAn02x/VufjKU5U6GMN031UozGW5d1CHIyWxqkmBzzK6yt1fyy21p6+AN3Vgv7kpyARL6Zuv7Q4ShjVo8glxtiIhq0V9RUcTaNxxmbhmD3u0+qnSXlmYd6iyZYNLrm/6c4cG+1+aVHPN6K69CFcOJYz+nJh1mzoj11ji2vI1tKT94h0x0SUEUOMWUzlk/7DXofwPhuvOX5h7FBzIkBuamZzQpgxDnFdDYpVtcY0WlSa3/y0fI5VBltADL+FuwaWE9LQLenzcNoYgedg/pVhs92VrAEM7dlqGFAIKZa3Ppezr+kTZFSplIPgVEshhWvbNSB0gPgKBf5BK2ykKgyT6YWG/CVHzQHeEge3xq1KtLcUgeJtXjKTUAmtCzbQI9OMxOOSVTGw2shXNzPlWuUsam/kDjUsp1mmWrb8XabdzpsEvkcQHro0nX/qWwNTpRmmAS4M38jVpSj1tm2Asdi8t3JUnKwb8FMDjYHYYrwItdBLhoN/Y8OhG4Ov2EMFMCMnIoB2TRp3GPh6XuYIDWtgxl6Pgdpi97/Wl1rHxTBHvjxCE4qXchkN9Irfdo+CSbrE+rE1LuOwfRQ0uiyjhfTnP6f1K/GoBcbEVINMOTI1uw2yYtooL6nHcyX2CJS6J1zaIJZY6ieToiU2fTKdChux2205tr1aXjoVO2MiHNNgsOiPw5kH5vG0FNc5ULg= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Tue, 14 May 2024 at 20:13, Willy Tarreau wrote: > > Wouldn't it be more effective to have a non-resettable prctl() allowing > the application to prefer to be killed upon such an munmap() failure in > order to stay consistent and more robust against such class of attacks? This whole argument is based on a castle of sand, and some notion that this is a problem in the first place. Guys, if you let untrusted code execute random system calls, the whole "look, now unmap() acts oddly" IS THE LEAST OF YOUR ISSUES. This whole "problem" is made-up. It's not real. Theo is literally upset about something that Linux has done forever, and that has never been an issue. Stop inventing make-believe problems - there are enough *real* bugs people can look at that you really don't need to. Linus