From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5B7CFC27C5F for ; Fri, 7 Jun 2024 18:40:52 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id BFC046B0093; Fri, 7 Jun 2024 14:40:51 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id B82786B0095; Fri, 7 Jun 2024 14:40:51 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id A23566B0096; Fri, 7 Jun 2024 14:40:51 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 81C806B0093 for ; Fri, 7 Jun 2024 14:40:51 -0400 (EDT) Received: from smtpin21.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay08.hostedemail.com (Postfix) with ESMTP id 2435D1404F6 for ; Fri, 7 Jun 2024 18:40:51 +0000 (UTC) X-FDA: 82204959102.21.9A3C241 Received: from mail-oi1-f180.google.com (mail-oi1-f180.google.com [209.85.167.180]) by imf19.hostedemail.com (Postfix) with ESMTP id 456811A0006 for ; Fri, 7 Jun 2024 18:40:49 +0000 (UTC) Authentication-Results: imf19.hostedemail.com; dkim=pass header.d=amacapital-net.20230601.gappssmtp.com header.s=20230601 header.b=avopVucP; spf=pass (imf19.hostedemail.com: domain of luto@amacapital.net designates 209.85.167.180 as permitted sender) smtp.mailfrom=luto@amacapital.net; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1717785649; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=VWP3oVZEyR0+a+YIhKNFwQ+oDZLDTYUDKfQwa7N72nY=; b=LY/T5hFC9dFamqygko2Pe49q6HUKsolgYybnxR+fTAy002Ov2yrOsJ2uZlW1xrSjZnfnbR L1w8W8ZCZpW0xRHK05PxPL9E7AcdTepN6Y2JI4TYxoK8JmNLbVfb5uCzu/avBwPtqBL+dU yfgj8YxanhPDjAaGoCOBdEmVSEKvAmU= ARC-Authentication-Results: i=1; imf19.hostedemail.com; dkim=pass header.d=amacapital-net.20230601.gappssmtp.com header.s=20230601 header.b=avopVucP; spf=pass (imf19.hostedemail.com: domain of luto@amacapital.net designates 209.85.167.180 as permitted sender) smtp.mailfrom=luto@amacapital.net; dmarc=none ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1717785649; a=rsa-sha256; cv=none; b=AkTYl4A5BcOwC8CH7be2e0QRFJL9yoxAwmFDxIy9B0CiibHSsrsrGkubICoIiJbgHObmIf uRY3wTn+RXSjavCDR0ZS0LaEbRKsI6Dp3iiwCmG+dyb3xqi7yajVW0dLeh6Taytu00VvFz BjFFqr5UAQRYE++MxT1PDNIKyEAU4M8= Received: by mail-oi1-f180.google.com with SMTP id 5614622812f47-3c9c36db8eeso1358968b6e.0 for ; Fri, 07 Jun 2024 11:40:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amacapital-net.20230601.gappssmtp.com; s=20230601; t=1717785648; x=1718390448; darn=kvack.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=VWP3oVZEyR0+a+YIhKNFwQ+oDZLDTYUDKfQwa7N72nY=; b=avopVucPWjyut3mU1LOKqKU8ZA4BpJdSelJMtZ7dfWH2xwohoK8Pn6ctwqdgaUUaeI 5hZcUveaKzSOeTacAv2T7ccFjtnf1cxuzWc2gCjDcLpFRS/GXFybjzajbJM8LUYvdsMM arwSUlK5/VqbCK7GTZbLcV3UkBu1ZlzijjqO3cezVapbnqeWJ7frHodP0arXZqP+2hKh eTkxm1I5sPDmZz3r6XiL5EMiAe0hg1ssBoLwRNO3wZMf83D3N4ZhGf3wTF+4S79XcFOk zZo6KbedvMuwFoU/ZX7yuD6JwdKr8gxUNW6lsfzA3O4or57y7n/PpSq44SgMRRzrmN71 u9Pg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1717785648; x=1718390448; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=VWP3oVZEyR0+a+YIhKNFwQ+oDZLDTYUDKfQwa7N72nY=; b=LC8LB2rXC2V8Zi+WHo3AOgIF56wScaOyBk8GbTJo4IU5Vn0GQohmgET7eNKLqE9ULL CCcr34ZsZUStre43LltUyZs0CWDWSCJBdIY8GdfVfNsw1iJjbwqzA25Ed65Qqlb9TdmY AOkqEi7tKfo7B+7ylV/iLS/gpaU+3c9SKWSVTu/X23WA1XoYOlzHVHh/esKXOpC0yzbE 6Ws9D+DRKdrlPL+tsNzliti9kor7fL97A+bqNX9mJGmrTS4oTxQRgiRzxqQ5a/jhE5Fi 8GE2v413PitGm5kgZIuVItQ2ITaSqirm+kmjbMztJAFev1Y8v27JnG3Tk5wEBhsKYzSi qkoQ== X-Forwarded-Encrypted: i=1; AJvYcCWbesMDpV3jKKDLoZjbniSU4iqGzSpQ0rwXs8XYJ3IsXOnnx9Ai2vTOLB07O1K/OAojZ8pU9bwoabXNkLmsdHQDPsE= X-Gm-Message-State: AOJu0YzDa/Ie8UsGSqSmCtlyNNqpbPCnoU/1iaAbU0sXIiLrTFgr0pIM Pafx75eMFGDsW1WRIC3zXPpdd448jXblCMZ3ydK98WTQeeEMd6woGxwFoTgHJfP0i/4dgft1buH xBRNutCY4T/KIwl78Iz27Hzzadi9FQ0yLLCeG X-Google-Smtp-Source: AGHT+IGM13uj3U+ARgcKJSVs/VmcSppJ4o+ZTjupN8yH80mNMzyyWgUWj/akZRB539Rs2Rn6cvM6cRncobvhndjrU8I= X-Received: by 2002:a05:6871:e015:b0:250:7353:c8f2 with SMTP id 586e51a60fabf-254647efd11mr3404898fac.43.1717785646594; Fri, 07 Jun 2024 11:40:46 -0700 (PDT) MIME-Version: 1.0 References: <20240528122352.2485958-1-Jason@zx2c4.com> <20240528122352.2485958-2-Jason@zx2c4.com> In-Reply-To: <20240528122352.2485958-2-Jason@zx2c4.com> From: Andy Lutomirski Date: Fri, 7 Jun 2024 11:40:33 -0700 Message-ID: Subject: Re: [PATCH v16 1/5] mm: add VM_DROPPABLE for designating always lazily freeable mappings To: "Jason A. Donenfeld" Cc: linux-kernel@vger.kernel.org, patches@lists.linux.dev, tglx@linutronix.de, linux-crypto@vger.kernel.org, linux-api@vger.kernel.org, x86@kernel.org, Greg Kroah-Hartman , Adhemerval Zanella Netto , "Carlos O'Donell" , Florian Weimer , Arnd Bergmann , Jann Horn , Christian Brauner , David Hildenbrand , linux-mm@kvack.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: 456811A0006 X-Stat-Signature: 9z6seskhh7kh34ghxj41erm4jcowqqug X-Rspam-User: X-HE-Tag: 1717785649-999544 X-HE-Meta: U2FsdGVkX19S1MFHykTTo6DIUO8/sUvouNL/HTj8s/6L5iCqcVmTNYlX8bk1N50En7BHpVB3xfKxKxvmEmT34PJgblaq9f5WTmRkvJrZypygBUpwfCEe0MUKAbRjQKzQ1Uvd0qy2zbQAwpItYs2cdMLEvLOIi5755ri/NxXujLhQmfFmAdsSixsB4Niar9+WwIDcQ24f6Ys6P4rU8g8OSML8UNwU7P+aditll1nc8ljI9tVFRaEY1eaECDqJt60OxDfO5QO5EIFArvdiyGCMYlaLrWBfr9IHqfkGU9Vz/rhjOQXi07tuIu4Fz28kBm7N6vSlFAwNNjAQYUimu+aTMn0MnbaGD+PjI9I4NorjIWbNZCDxj95J5Tjc3Gt6pUCeb5wGShmy3xfH1S215DDsFvxeaCmRENQ5/OdPoS/zyLqSnizAiIbbXNzZdBRC47lbPx+PMy7mFyb69w7iRPe2L2UOv2/eUJgTtSqoOPbimFoJxwTsFk9LN3nG868Humf9iwHhTymHeELbf5ZYJaNDvSPcpD4koG6K4RHAZ56AWH/eHDE5IAo+nIaxtO5ZCVkg2e4Z6tRI+NG8ClP+Vae5+5iag/senJ6xr4R6DgcCSqKFcQBS4VAWh3MXyym1N0l4YmQVPknMGRWiDfUEPpgd+oC7xMHIXUbH1/mbaqFLoYb3Tyf//2grcJAuAxxnRHC4IrSOJjg9InkEL+3QPwkjRyhUkj+ThWp2ShqM9OGf/N2iciMk5VbVURZOtLkgxCyOvmsKfthAwH6DowIYhc4da2zRNWaLOW5BQ5yTtys/Nn4OImqw/lsID/LPAEcA4q+sor0xM4fpMUoKbSx7NaqGc7peOrLsnHvQoaivrEAHg0Y+chkn7ueiHX+J/citvInEqnU53X9NerIendVC3SYXaeYI/NcDsnoo/K5A/I1CTI0Nf5iBCUDp54I3ttJP6w8PLNMDU4I8hF8SR2uVOOk 6gtwYb5Z JJcZYxLpGx0dXpuB+1l2AEV+RQvnCEIZWy2D+9OGG6ysDJ8bFxudUQqfWlXKxcxTKxySdui+Jj6uy5oHwEMw2IKdHl3OW8zvz1/wItnZuUGo3xndzeypaAS/XbD7sjtUjMHtGwvQzFW3mx228u/4yWzmbDwQ0wCn5Bf4ZIWAC7BtDORMcWAReZDcBkjhc4FwqWR/sG/+R3jJ3bvn7x81CB+u+eiV+/XbF6E1XV0PFKzjGw0mx+L6DBBK44kcYFA6FKRT9DlLHqqawP0AmeXA9NJAlKHCgLzonwD36PAyPNz5ySg5gxpz1/BedYLpboUXXsb1rqDvf/YJ6whRTwiGt364Fl23clbbx5OQQoEXjGM3xaQ7+JFdIrQlD0YmQ+4LHyHE8oPVuT0MCRQw= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000012, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Tue, May 28, 2024 at 5:24=E2=80=AFAM Jason A. Donenfeld wrote: > > The vDSO getrandom() implementation works with a buffer allocated with a > new system call that has certain requirements: > > - It shouldn't be written to core dumps. > * Easy: VM_DONTDUMP. I'll bite: why shouldn't it be written to core dumps? The implementation is supposed to be forward-secret: an attacker who gets the state can't predict prior outputs. And a core-dumped process is dead: there won't be future outputs.