From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id A9715C02198 for ; Wed, 12 Feb 2025 14:09:10 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id B53316B0085; Wed, 12 Feb 2025 09:09:09 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id B02196B0088; Wed, 12 Feb 2025 09:09:09 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 9F09F6B0089; Wed, 12 Feb 2025 09:09:09 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 839F46B0085 for ; Wed, 12 Feb 2025 09:09:09 -0500 (EST) Received: from smtpin25.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id 97AD0B3E31 for ; Wed, 12 Feb 2025 14:09:08 +0000 (UTC) X-FDA: 83111474376.25.4730AE0 Received: from sipsolutions.net (s3.sipsolutions.net [168.119.38.16]) by imf09.hostedemail.com (Postfix) with ESMTP id 8B09C14000D for ; Wed, 12 Feb 2025 14:09:06 +0000 (UTC) Authentication-Results: imf09.hostedemail.com; dkim=pass header.d=sipsolutions.net header.s=mail header.b=h+VbIupq; spf=pass (imf09.hostedemail.com: domain of johannes@sipsolutions.net designates 168.119.38.16 as permitted sender) smtp.mailfrom=johannes@sipsolutions.net; dmarc=pass (policy=none) header.from=sipsolutions.net ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1739369346; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=Elf/FaTDK9fVRFnIY3VNHEhn1eL3NZf69mLnjaztmRU=; b=bmb14dd5ICA9NlZ9QQQbo0ZuzzK7MTSRVK2XwT3A6jsNvC4VAyDKPACpNl7amZz2q0SbUJ M7qkkfDXQi40EhM8Ac5kjvZWaOUHlQXo3npFy/rNb/HWAvAVOC7xRLc7Q0snGWzNPtQ+UX XAWa67YGnYo1CbpWKkK4OQm9+f0IsU8= ARC-Authentication-Results: i=1; imf09.hostedemail.com; dkim=pass header.d=sipsolutions.net header.s=mail header.b=h+VbIupq; spf=pass (imf09.hostedemail.com: domain of johannes@sipsolutions.net designates 168.119.38.16 as permitted sender) smtp.mailfrom=johannes@sipsolutions.net; dmarc=pass (policy=none) header.from=sipsolutions.net ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1739369346; a=rsa-sha256; cv=none; b=JLzuNR//sOkVNrKDXhDxMqwG/13RmTAb7NjEdp0k6z/UJ60PS50S82EvmHgweGkoJ1qoui 9mxr4UUYFFYaiBzmxHxQnm/r16dKO8TTbW1ZAief4awYzsgUmZVGUgt68qMh42639DXmE1 icBwGoKm8+4NJgiXq1V+mqnBLmkf3pU= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sipsolutions.net; s=mail; h=MIME-Version:Content-Transfer-Encoding: Content-Type:References:In-Reply-To:Date:Cc:To:From:Subject:Message-ID:Sender :Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-To: Resent-Cc:Resent-Message-ID; bh=Elf/FaTDK9fVRFnIY3VNHEhn1eL3NZf69mLnjaztmRU=; t=1739369346; x=1740578946; b=h+VbIupqyLrZMejYy3G7xvkyjYcf2w4xWvEytdIkiy5U6OI ehfDhNuu7n12oEcHprUDrW0D4phYfPgxAKRo70+bXsbhYgaoZY5ihN23Pv+Oyehqz4Xxfj4XvI3+V qtj5VYgoh2CMFCkqQeyLN+/ZiOUkUVy9yg5isnBlGozjtz3+T1JiFUoOFKUKFZO8qzc8ssCwRZ+ve 7GnqwR5mvnLLCNdAQKjWkBpC4r6gCEo0ABlXqy7XNTx3oOZPFwniaRZRG3KPMC2gYMjY9L3NS5Zwa T7fRE/L3G5bAsS+cZr63bWClrP11MafR0jgRVnw8SLHPlZJ7O5olP8LwUxvXnxXw==; Received: by sipsolutions.net with esmtpsa (TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.98) (envelope-from ) id 1tiDQ5-0000000CFTu-2Jhk; Wed, 12 Feb 2025 15:08:54 +0100 Message-ID: Subject: Re: [RFC PATCH v5 0/7] mseal system mappings From: Johannes Berg To: Lorenzo Stoakes , Pedro Falcato Cc: jeffxu@chromium.org, akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, Liam.Howlett@oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com Date: Wed, 12 Feb 2025 15:08:51 +0100 In-Reply-To: <7545d5eb-a16e-4cc8-a9e3-5431be01aade@lucifer.local> References: <20250212032155.1276806-1-jeffxu@google.com> <7545d5eb-a16e-4cc8-a9e3-5431be01aade@lucifer.local> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.54.3 (3.54.3-1.fc41) MIME-Version: 1.0 X-malware-bazaar: not-scanned X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: 8B09C14000D X-Stat-Signature: jmq9ha43tfasf3mrjmysbfouuaxnizn6 X-Rspam-User: X-HE-Tag: 1739369346-725552 X-HE-Meta: U2FsdGVkX19AxbcduK6hlBp33PMvZ06jYg1SwJZ3FPs+mci1GeASh8Pb6GP+e6bjTEdaD79pq7jn8zK24+/h+85NzldYgEwe4D7K1tEQW+ceCIC75xw7J2w5seLVOSNhIGic7YNtbmP9Rd133VICSiBQFUpnkwOh70irVFhDbFU2Qt+2LekmlYikoccjf3IBHdu7s108Qq+SiRZrZTjciofPrHdoDjVVs/D3yqLR0eB70WcOlLDdtqd1jIWTJzE/aum4/UgIiN76UZyGpx5i+LNOyG6ZEITyL7Kl9BwhPgc98lENyAP3L2VNiiDOJPfITgABJgupWquq0jrXlZLZaXcq7/+kFom8UE26R3w82uNZ1ML1QEbrdT1MdY5laDoqdD/jreQGKmdvD5XJWWq08c/7It/O/7hOktVAFi+bZ/IDIRjBWh5hpwld3b+qa1pIrPG0kwOOMJKD5QQSY491rXgXGMRlbFfMlpR1uCSi3JJFvRqKtwLDUBgRLz7Ik/dVDmUcN09k486uSWV3MzFBn5ZnjsJ3X/TJTozL6zLATn0EwSL0j97Sp16KjRqj/wDsd7JdHczKQlX79A0w4DIon2YoNWtnejPoPUuptJk97FAEUTLubOx5wtS8lR3fKOmt8ydDXZvst5LzXUXSeTnc0vqEuOvCgdpsNCyX3ga1AlhcwytP/YWfSO+h6+cA4PEUpYdR1tl3Y7ZXD3TmQ+gHsA1qwZ2CzykLIel05bLSFx1xTKl91M8P0H7ZvLrE4VW4USCmN7nSP6ziwyY9oxKKps98jnZhC7NK/yAe7Z18MiU+/d+VNj52fPQDSfji756V3ZpeobfyE2QtgOJF/eSGr8wwmn6/ljQRgccllLyBqH2g5LS5JCJgAre56UiWXbq9DVprOaOWptZcwRJSY9mgzgQV3FCMEnAnqPZ0KSHLSxyzQnWDpRo1ZAaxWsHykgUvq5klQTTjTB0w7YwTEjh mb6BLBE6 hEwjEVGGZSyxWrDzCXPkEa5sWUIMrBJRVPLNRr95NthYQsbzC1v+g/XDGpRHwU963vIV1FnUb3Qdyv1S97cKiGIYfEZJ/0IiGWgDesoI8/1pOVJ+OCv2ZC0tH5+SHrv8Iq/bzgZA8FnmD1MlRIjl13ymOSA1Lefvl2cicEjvEDv7MnObJM98PCQT9LquMT5JQ/XpJzVuuwTO7M4ohjnQJpiSRn5bbT9tNhwCd45ZdtO5MxjrVjk4pSW+iST6ub9ejzjgXWy8UrNL53BtdK72WPCj+Dp+FCIJzeaGSOfkrwAuQd9Qd5YCBK91JkBiH3D4HGbHAQbcyn5tFeUY3+PMg2ydFzOIi5gmzs1KiftifvBLVeQI= X-Bogosity: Ham, tests=bogofilter, spamicity=0.004884, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Wed, 2025-02-12 at 14:01 +0000, Lorenzo Stoakes wrote: > Thanks, yeah that's a good point, it would have to be implemented as a > personality or something similar otherwise you're essentially relying on > 'unsealing' which can't be permitted. >=20 > I'm not sure how useful that'd be for the likes of rr though. But I suppo= se > if it makes everything exec'd by a child inherit it then maybe that works > for a debugging session etc.? For whatever that's worth, ARCH=3Dum should not need 'unsealing' or 'not sealing' it for *itself*, but rather only for the *children* it starts, which are for the userspace processes inside of it. Which I suppose could actually start without a VDSO in the first place, but I don't think that's possible now? Which I'll note should not have access to the host, so in a way this outer security feature (sealing) breaks the inner ARCH=3Dum security, I think. johannes