From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 375E9E77173 for ; Fri, 6 Dec 2024 20:50:17 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id B8E298D000C; Fri, 6 Dec 2024 15:50:16 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id B07148D000B; Fri, 6 Dec 2024 15:50:16 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 97FE68D000C; Fri, 6 Dec 2024 15:50:16 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 773788D000B for ; Fri, 6 Dec 2024 15:50:16 -0500 (EST) Received: from smtpin01.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id 2A2DEC0328 for ; Fri, 6 Dec 2024 20:50:16 +0000 (UTC) X-FDA: 82865726034.01.EA6301D Received: from mail-pl1-f172.google.com (mail-pl1-f172.google.com [209.85.214.172]) by imf10.hostedemail.com (Postfix) with ESMTP id AADCFC0010 for ; Fri, 6 Dec 2024 20:50:06 +0000 (UTC) Authentication-Results: imf10.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=JWiF110m; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf10.hostedemail.com: domain of isaacmanjarres@google.com designates 209.85.214.172 as permitted sender) smtp.mailfrom=isaacmanjarres@google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1733518198; a=rsa-sha256; cv=none; b=ccWmBnXQ1Z452ACobxcuJAbuFx3eEd4snxZi2z0hlXZaSb7owWh1XhBIOnHTHyWqfTcksL 7heZcwPDHET9xzdQOoiwj2UVVagLizU7xTvHbrP2yYx6lWzQcN42F+G8mOq0Zaq0Us3dwr d1p57tR7nZoZ5t68yMXHCAdDzlxoxqw= ARC-Authentication-Results: i=1; imf10.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=JWiF110m; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf10.hostedemail.com: domain of isaacmanjarres@google.com designates 209.85.214.172 as permitted sender) smtp.mailfrom=isaacmanjarres@google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1733518198; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=kIQnC6QifSuf9C4/nsTfcLNSPKAxynKHyi8fol7mDZo=; b=MRWNeV9YK/6rRD7aHmgaFDrTOvu0c1HBHtaHZKZ+4LaR7DnAgbyLDINdz94/qQd3p0z+SD 9UPawkL1wqP7/hvtYL0xjdMHZxLC2lxuLYMwZVVyNFxsjJBcKN1noL3DbEcC2QQeFQys0T u8ekQCTN9PCx8wB5L4IU67+XT2xa5wY= Received: by mail-pl1-f172.google.com with SMTP id d9443c01a7336-21625b4f978so28715ad.0 for ; Fri, 06 Dec 2024 12:50:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1733518213; x=1734123013; darn=kvack.org; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date:from:to :cc:subject:date:message-id:reply-to; bh=kIQnC6QifSuf9C4/nsTfcLNSPKAxynKHyi8fol7mDZo=; b=JWiF110mnWa1penF5kOysXCpDqPC7NP6fMfGm8znl/+S7YZBolIESgrjSCroXLVGRu Z8MuUx85i3bpCxwW28fGDq1WMayuUGeSuEjxR1R52iJa5UK2vm2sR7vcRXJ5u1GFSPBq LyjzihFzVJtDF/5a0yFHRiMBP4nVTlSAoqInHRv1i53Paji7Yh+LFnJzsFG7IwedrXH2 28l0anb06l19N/T+iTpTfXjITimFX3jc45WqoACSn8ZNJztFm5R0/748zGz4Ry+VVOY/ 7YaLEW+BmCKaijjdV3gBZ5NB2YRsMfuPyZPovscvI7VdG1FGL52wuXWOZ19ThHh6nE60 I7bg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733518213; x=1734123013; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=kIQnC6QifSuf9C4/nsTfcLNSPKAxynKHyi8fol7mDZo=; b=pdEoj6xSQESY8yyMbrpvSy5RDgUA4dmb7j73wlZHa/amiIWVBWnGukGWvIzwTd8M4m hR+go0DwWQXnOJLb4UA/ND6L8+j5+s0xWjeiWp0qQollWPHCF7Kfpvy5jaw9pF6Tyj7d Nls15xKcV7UWzrfWOphfR1hO6ElaK428KpEx/kPvv7xElx3rNctepGaVBF7Jb2CT2Hom QE3bM9tPQlWw+0gbvKrwTIUS7aBmqIn/RhWEFbBXBEQbd0ObicADeY3sz54IjfVrlklJ jFMbu51KoTfzukS/n3MW4c9DNpXt6oMBP1kDgBkCbne6ZQ0u0LqL/AB8yXjkEBeWabI4 y6Xw== X-Forwarded-Encrypted: i=1; AJvYcCW9UZJ5DSiIVqR1Hhyk6yJ5sIgZsenHLL7hhOGcfvvssr93Oy48bMTkMII3SwPONfU3sqWAlfALBA==@kvack.org X-Gm-Message-State: AOJu0YwA2QazUzJI16e8l6KDPk4ook5mZEkFZMcS9pssvfVm/GqVdDFl Z4SxSQyZO6FpescP6amyfouiacyuR1v19oiGEjLdND3nbnm24k05UldDjHzr1Q== X-Gm-Gg: ASbGncvCO81OS2LsV177FRInMCdc6gpfDr81dUemA3rnnQiodHRE2SFYgUoYGLFqDXG d102FD1x20zAlccvMOtG/OxChP0Z3z+HIFMBzO5846v2tqIki42u9MdtjDQYV7W9MkYd+LjqShK ZuTrT+AT1jszbgXGYGgXxpTFdtRPhZDWF2UY8a6t8r2PECIEUh7IGH5mWZHaqpUZgMmYO5kVJsa isljx+2Db0RLBGndX7IQ2+ky8WNi4/ue/TQN6PZufODaDYncQ== X-Google-Smtp-Source: AGHT+IE11QsSYdu5EzfTjQLwDvWU8Ay7LIt+L9MNUYsryjf+ALBnUiR7v52/e5aef5B1j//XzPS0RA== X-Received: by 2002:a17:903:174d:b0:215:a3e9:88cc with SMTP id d9443c01a7336-2162ad6a09emr331635ad.3.1733518212757; Fri, 06 Dec 2024 12:50:12 -0800 (PST) Received: from google.com ([2620:15c:2d:3:7caa:6c4:e72a:a87d]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2162c062f40sm35715ad.90.2024.12.06.12.50.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 06 Dec 2024 12:50:12 -0800 (PST) Date: Fri, 6 Dec 2024 12:50:08 -0800 From: Isaac Manjarres To: Kalesh Singh Cc: Andrew Morton , Jeff Layton , Chuck Lever , Alexander Aring , "Liam R. Howlett" , Lorenzo Stoakes , Vlastimil Babka , Jann Horn , Shuah Khan , kernel-team@android.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kselftest@vger.kernel.org, Suren Baghdasaryan , John Stultz Subject: Re: [RFC PATCH v1 1/2] mm/memfd: Add support for F_SEAL_FUTURE_EXEC to memfd Message-ID: References: <20241206010930.3871336-1-isaacmanjarres@google.com> <20241206010930.3871336-2-isaacmanjarres@google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: AADCFC0010 X-Stat-Signature: 7cdw61kuygb85morx6djam7igg9wbswo X-Rspam-User: X-HE-Tag: 1733518206-574087 X-HE-Meta: U2FsdGVkX18w7uVEB6n9TQr/s3OzEy6OWnGZ/GCrgeZMOVM1gHCC5XUxXnyFIlwonAznKOz7uqlVQaXwIsYut+A0T5ymhCx2FUPRydvIyMO3aYGY4aHOkGeevTOgvI0rwOayXYf1IaaxqcvSlcNSfe9qWMeRYYKZ4JfghZM2fkZqDcXUBFhhn52t1Y0daVfMxA4zXHcdjdvarJsMeBHNVMfI/TIQQawZd8ioAkGHFHO/NNG1sbE84M76Idnn/YekDgJJpYII8RLGQWFqGGl5qMq1o3PvqCBRftFO4g1etJHR5vr49nK+HVioWLVu/que38x8MQ0kine11uwVlBkVGPc83godgxk17wyr0v8BZXMh6ZWe5gPZN+4EhLY2lKTH2PeU8VyFLuI/2RNWC+p09/TqSC7TjfmHmwqG+pzc5Ez6lXh7w+9QanmpiPcSIggrxTqgAjB9Td2gdyrLh+Af0W7N4Er8NRWr9YagGGpdGoN23vFPBHP6wQDWQO5FXwywoxB0YDYobm4BCb55nSNFOoo6uQV1zFePKRnFx2qsjolXGw3lR0Z4PiWlAyeX3cUgsZZPw8ity7kO7k7O5b4zm7CBx0HJYnzkp/P7vXBiR1JlF/dI9dyN0gsp8xAL6sEAeqbVrjDnS4+nWBqZKm1tUmeuXE9fHO5lKrRsXfeieFRmK5/GY808two5kEaNw6KaiKX8uFD1yw1jfsACvC8rrNfejbLQTrCK4TVX712Wea5z/8jUeM1xpCPa9EvcYnooso7MA1rDemsYVOcAErGzQjI3Bn6T2L7IjtoImM7FI3qEcYkhMP6Oj25uQzznPhPjrnH3/O3i66IGK4fU1EoFCJ5XtoDZN2B5hs1EEabEAalLKeuq9gHMKly+YhlA47bHOanI+o0NMf2Zh5ditx849J3gD6UlQjN+8qW5YhIfoQt1lcVKdbABwUsKsZtTONUkrNRHWUiFiI4HIpv15qI dEqG9Nbc PhC6T/gFHmtNkdVBb6lQRJeTT2qrISeV47rBpz8Slq2YZ4Q/ceDhi3Ut5Uu/TufGVVaUFWxnlfPTcneZBxrgUvTwrmcvjcYIq2qbe6DAxdIS4kQcxbsSt0jHVoff+NlmTqEAlhN5GjkH3LbXoODwkq/ggA4KnLKQPEcHJftUL98PUqCPbEW9TV8UQbZ5CoYUd15j/TqfgALi2dIWvK7oXUnwI4ddBzWW7Vs855usJOYI61vKn7VGnDTXIjNur6Z5LBuq1rgNK/l8MaowvbiQS8XMiVpPoHMdY3QI7y59ZVzB8jWuYoRQmYz9gpZKE4jC+FM7dHv28vgW3UhKust5FnQBuYnfOn3afi4USeA/iu99RSj8iDNk0Hdmatp25wDmG3yQ03CEZZLn43DCVw4Vnn6Pgqt9rZclXCWUQZWn8IJFuRjC7WUDLuysAZrgwn99yG5OTUP7akd7aRdCoi60SctDOXZlEpxzMfmg8hVwpMzjmGtwfFjBOFeVukQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000729, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Fri, Dec 06, 2024 at 09:49:35AM -0800, Kalesh Singh wrote: > On Thu, Dec 5, 2024 at 5:09 PM Isaac J. Manjarres > wrote: > > --- a/mm/mmap.c > > +++ b/mm/mmap.c > > @@ -375,6 +375,17 @@ unsigned long do_mmap(struct file *file, unsigned long addr, > > if (!file_mmap_ok(file, inode, pgoff, len)) > > return -EOVERFLOW; > > > > + if (is_exec_sealed(seals)) { > > + /* No new executable mappings if the file is exec sealed. */ > > + if (prot & PROT_EXEC) > > + return -EACCES; > > I think this should be -EPERM to be consistent with seal_check_write() > and mmap(2) man page: > > " EPERM The operation was prevented by a file seal; see fcntl(2)." > > Thanks, > Kalesh > Thanks for catching that Kalesh! I agree and will fix this in v2 of the series. Thanks, Isaac