From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id EADC6C4167B for ; Fri, 16 Dec 2022 17:16:22 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 8AA288E0002; Fri, 16 Dec 2022 12:16:22 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 8598F8E0001; Fri, 16 Dec 2022 12:16:22 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 770648E0002; Fri, 16 Dec 2022 12:16:22 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 6714D8E0001 for ; Fri, 16 Dec 2022 12:16:22 -0500 (EST) Received: from smtpin30.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id 1D8151211A0 for ; Fri, 16 Dec 2022 17:16:22 +0000 (UTC) X-FDA: 80248823004.30.D5E5AC6 Received: from mail-pl1-f169.google.com (mail-pl1-f169.google.com [209.85.214.169]) by imf30.hostedemail.com (Postfix) with ESMTP id 5201A80020 for ; Fri, 16 Dec 2022 17:16:19 +0000 (UTC) Authentication-Results: imf30.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b=NzIXW8IP; spf=pass (imf30.hostedemail.com: domain of jeffxu@google.com designates 209.85.214.169 as permitted sender) smtp.mailfrom=jeffxu@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1671210979; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=1vFt+PxUURFiZfVHrvBsmq3MYjQQnliB4U9G0LtHwvo=; b=ftSmVGE2q3/BsfMv2wdRnLWSXQV449Wf1ReiupKwQ5ZDDAOvyhL31gKXaERZXOBRpGK4OX hG8mF9jcmEnpw2Yzlj/GhMISKLtUkDGyh3I8qeM5Yl1Wur7JnpWCzPs/AMq7MeK34wLJ/A 3+ZF+ggUxsL4Nhsw/hItknTXHe/pV7U= ARC-Authentication-Results: i=1; imf30.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b=NzIXW8IP; spf=pass (imf30.hostedemail.com: domain of jeffxu@google.com designates 209.85.214.169 as permitted sender) smtp.mailfrom=jeffxu@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1671210979; a=rsa-sha256; cv=none; b=x2tYr4IIjo312Ps5eDZbBqynxAeN3ydg+5sadyZRe3GmrMeL7WTqE7SUel+0MlfMCtZI96 Bbyj1tDLAG8UJQT9uu5t5J5RyX+RM8pKfZ37heLgQ7AJKZgAhnKrh1rrX+F3WFEEJIToyy ZgPuqDlCaIR8uqR7C+lgTH7l1N8+YqY= Received: by mail-pl1-f169.google.com with SMTP id w23so2910596ply.12 for ; Fri, 16 Dec 2022 09:16:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=1vFt+PxUURFiZfVHrvBsmq3MYjQQnliB4U9G0LtHwvo=; b=NzIXW8IPm6aqdfZVn8wF9pvH9EX2CYlT+NecBtjOLfEuyXc+cx2NKGt5J+FnKO1bjJ TrF0y0yo6mVxhuVq30y+t91fPsGX6xGd9sb28pCmi+59SPnJev9IpMY/dcGPJmgXxLzp uYMcp6cAQtYqy4jgdLA97Jt9m1/T5UmPMFJisqTII7KPitmCMZEDdbkzlV2rVl6bYHA4 cHbNfGO25NidGQjLdH+U6LTY95WHrEs/cMS3wJB4NiEqJbZc8YCuwLiuoX1snZ9fquUB 6TFyUQQ35fJyhZeTgW8uzcMzgbwY2W4AZcTPgGrzdmrUN5UHDplf+8ch5izUjtf2VG6v UsfA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=1vFt+PxUURFiZfVHrvBsmq3MYjQQnliB4U9G0LtHwvo=; b=39tuYzHnIjCZQ+xQNaSOUBP3int448LtZeTL2K9O+WtVyx4qn/5fJS0kM4XoOVMxuU OG7rwui1qWwKvAit8oqZ1KmyjfL6aphUfiDpJfW2McFx0O1g/zzhn9mQl0+pjX0oojJx ZMMt2M7YEINuBjYrptrCAdv56LcEr5hEW9HGA/PcM/Ofz3AeJhh9aOyj1nnH1aqLmhBl LJPkPm9LfKfAoP2jsXwdkRX0GUSJmmsrpyqKj4JGywfaINEMiJkMFbXtytzQxt121Klu oHFvZvA511KviSgrNYRIHMld0WjKlWi6GLYHea2boUI1Nc4JKeIRIlyeG/zGG/GlPhBT EPZQ== X-Gm-Message-State: AFqh2ko3EpyvoV/J6JMK1OSWt2BE2dtXgHcPiVUusBw5jl8aLJ8EK9tU /o+VDX34yTbzOIWi2TAfO/5OFA2bh3F4+XY69BYiHQ== X-Google-Smtp-Source: AMrXdXvvu/Vp44NQhthEXWvCfyRa+UVxHXgPTglhTuliY9e8JxjquA4ilh9D3roeSj0Fhi+0+KgwBHTBi2wbT081p2k= X-Received: by 2002:a17:90a:69c7:b0:21a:8dc:1b5e with SMTP id s65-20020a17090a69c700b0021a08dc1b5emr653725pjj.26.1671210977931; Fri, 16 Dec 2022 09:16:17 -0800 (PST) MIME-Version: 1.0 References: <20221207154939.2532830-1-jeffxu@google.com> <20221207154939.2532830-4-jeffxu@google.com> <202212080821.5AE7EE99@keescook> In-Reply-To: From: Jeff Xu Date: Fri, 16 Dec 2022 09:15:40 -0800 Message-ID: Subject: Re: [PATCH v6 3/6] mm/memfd: add MFD_NOEXEC_SEAL and MFD_EXEC To: Peter Xu Cc: Kees Cook , jeffxu@chromium.org, skhan@linuxfoundation.org, akpm@linux-foundation.org, dmitry.torokhov@gmail.com, dverkamp@chromium.org, hughd@google.com, jorgelo@chromium.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-mm@kvack.org, jannh@google.com, linux-hardening@vger.kernel.org, kernel test robot Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 5201A80020 X-Stat-Signature: c3ykn6hoe5n6ht9ni41n9zmxsdu6zean X-Rspam-User: X-Rspamd-Server: rspam08 X-HE-Tag: 1671210979-581261 X-HE-Meta: U2FsdGVkX1/G6xcwoVjqZMS74YLMOVTp+M1rxQY+yJAnJNsuFXgOTDzMbFfSf9eOLAv6AxvMMIbpeUp7GiwfpdH0zOQrM5T1rlL3+RYNdSo44QBcVJWTExVc3hh/inKfb/G1lnA9N3ngW+9kCghDKugv0w/bm6Bw9if8KoBdxW90vW+xpKSIB983ufSV8hZqODwAfom3fAoSBvzUETCYCspqzPlu4LI+4ljh4VCtg2Csk6YX6YqDmbGEH7+qo31Fkwqd5qrUeo605AZpYKN2P06ntIromY8CVlg9JPvbR0ODJqX7F42Ac+c5ZWQescofuynEedOgE4gB292zsGHavWwOQyr8Yz+QM2gPzAi7W9ayI1hgQ/tFxRuCn2xc+pFl2IO6zES4BWdF/oKGhF/++xSTP2j1VBk9BKdo+fB4DC6nUCIOFQz6Ybv64E7WvAZtgPyiO/Pig5IuTkX1isAOv2YgY3o13sjagCbRce1vFUUhLqAvV56oGnBJLodSY1MZe6sFAgIZi+v5Tm7AiAxhruy/p25/UkzYILViRkT3AkwxIdh5WmjS3UChqikIXeyM4jEmq0OJ/+CMld/yrQR8LokvpoER1cF/xlV830VA2VamOrjg4ocRJp2nZiFiD1gTxMXZIm3Ouls/AZN3GPPkwL5D5VwCzk9Ac+DOvG1cBE/DR0s68eq6pDTnOSD+SXE036ixftzTypOirPuOl7jF37x/Kn13+jlLkDbCwaOHGrLY70FhcMQQTg2jTTrPF01n8DYYtynILnRTv2/PaQyWvkRzglCFWIX2nDXdCnd1TON7Urw/F4qgENWYF0sMX66owZDQie9Yh88ThM2kDeZbNTlqqP7cYUJRuEF4wBKjN8KcmaM/Y+Zk9NuvDMD16s8hU555TbWnArZGwk7jOVTe4XUTDnWVW4lOmhAKd2CRedBfgSDFXvcEtprEZS4e5d8TaGcWPVs34iNO+pRTQ7M hibsV6jE q8Xg50iPSZP5Ocuipkj0mfoZu7SzZFFtLapWgh7xIHK9zfSvzABEu9gF/hxRSVLtbb5H93VpT6AkYqLYKYSkDd/e+xp0+kiuBQ93W82c4DeMkxUiJ/ZcZMj1cC9HOf4CLSybP X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Fri, Dec 16, 2022 at 7:47 AM Peter Xu wrote: > > Hi, Jeff, > > On Thu, Dec 08, 2022 at 02:55:45PM -0800, Jeff Xu wrote: > > > > + if (!(flags & (MFD_EXEC | MFD_NOEXEC_SEAL))) { > > [...] > > > > > + pr_warn_ratelimited( > > > > + "memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=%d '%s'\n", > > > > + task_pid_nr(current), get_task_comm(comm, current)); > > This will be frequently dumped right now with mm-unstable. Is that what it > wanted to achieve? > > [ 10.822575] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=491 'systemd' > [ 10.824743] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=495 '(sd-executor)' > ... > > If there's already a sane default value (and also knobs for the user to > change the default) not sure whether it's saner to just keep it silent as > before? > Thanks for your comments. The intention is it is a reminder to adjust API calls to explicitly setting this bit. The sysctl vm.memfd_noexec = 0 1 is for transaction to the final state, and 2 depends on API call setting this bit. The log is ratelimited, and there is a rate limit setting: /proc/sys/kernel/printk_ratelimit /proc/sys/kernel/printk_ratelimit_burst Best regards, Jeff > -- > Peter Xu >