From: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
To: Jeff Xu <jeffxu@chromium.org>
Cc: akpm@linux-foundation.org, keescook@chromium.org,
jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz,
Liam.Howlett@oracle.com, adhemerval.zanella@linaro.org,
oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net,
linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org,
linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com,
hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de,
adobriyan@gmail.com, johannes@sipsolutions.net,
pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org,
anna-maria@linutronix.de, mark.rutland@arm.com,
linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de,
rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com,
f.fainelli@gmail.com, gerg@kernel.org,
dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org,
mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org,
ardb@google.com, enh@google.com, rientjes@google.com,
groeck@chromium.org, mpe@ellerman.id.au,
aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com
Subject: Re: your mail
Date: Wed, 26 Feb 2025 05:42:53 +0000 [thread overview]
Message-ID: <f65bd1bf-4e81-454a-afaa-f84c13cc6227@lucifer.local> (raw)
In-Reply-To: <CABi2SkXcgB1Zjztqc1W4M-5j9z_wMCRaEtK-wLL3x9_qC1aGHQ@mail.gmail.com>
On Tue, Feb 25, 2025 at 04:12:40PM -0800, Jeff Xu wrote:
> On Tue, Feb 25, 2025 at 7:18 AM Lorenzo Stoakes
> <lorenzo.stoakes@oracle.com> wrote:
> >
> > Jeff - looking further in this series, I asked for a couple things for this
> > series which you've not provided:
> >
> > 1. Some assurance based on code that the kernel-side code doesn't rely on
> > VDSO/VVAR etc. mapping. I gave up waiting for this and went and checked
> > myself, it looks fine for arm64, x86-64. But it might have been nice had
> > you done it :) Apologies if you had and I just missed it.
> >
> Thanks for checking this.
> Do ppc in kernel code unmap/remap vdso ?
>
> I am aware that userspace can remap/unmap special mappings, but I
> don't know if the kernel will remap/unmap a special mapping. Could you
> please point out the code ?
Again as discussed in other thread, let's leave this until as/when you try
to attack PPC. I am not 100% this is the case, I may be mistaken sure, but
gathered it _might_ be.
>
>
> > 2. Tests - could you please add some tests to assert that mremap() fails
> > for VDSO for instance? You've edited an existing test for VDSO in x86 to
> > skip the test should this be enabled, but this is not the same as a self
> > test. And obviously doesn't cover arm64.
> >
> > This should be relatively strightforward right? You already have code
> > for finding out whether VDSO is msealed, so just use that to see if you
> > skip, then attempt mremap(), mmap() over etc. + assert it fails.
> >
> > Ideally these tests would cover all the cases you've changed.
> >
> It is not as easy.
>
> The config is disabled by default. And I don't know a way to detect
> KCONFIG from selftest itself. Without this, I can't reasonably
> determine the test result.
Please in future let's try to get this kind of response at the point of the
request being made :) makes life much easier.
So I think it is easy actually. As I say here (perhaps you missed it?) you
literally already have code you added to the x86 test to prevent test
failure.
So you essentially look for [vdso] or whatever, then you look up to see if
it is sealed, ensure an mremap() fails.
Of course this doesn't check to see if it _should_ be enabled or not. I'm
being nice by not _insisting_ we export a way for you to determine whether
this config option is enabled or not for the sake of a test (since I don't
want to hold up this series). But that'd be nice! Maybe in a
/sys/kernel/security endpoint...
...but I think we can potentially add this later on so we don't hold things
up here/add yet more to the series. I suspect you and Kees alike would
prioritise getting _this series_ in at this point :)
You could, if you wanted to, check to see if /proc/config.gz exists and
zgrep it (only there if CONFIG_IKCONFIG_PROC is set) and assert based on
that, but you know kinda hacky.
But anyway, FWIW I think it'd be useful to assert that mremap() or munmap()
fails here for system mappings for the sake of it. I guess this is, in
effect, only checking mseal-ing works right? But it at least asserts the
existence of the thing, and that it behaves.
Later on, when you add some way of observing that it's enabled or not, you
can extend the test to check this.
Thanks!
next prev parent reply other threads:[~2025-02-26 5:43 UTC|newest]
Thread overview: 122+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-24 22:52 [PATCH v7 0/7] mseal system mappings jeffxu
2025-02-24 22:52 ` [PATCH v7 1/7] mseal, system mappings: kernel config and header change jeffxu
2025-02-25 6:05 ` Lorenzo Stoakes
2025-02-26 1:33 ` Jeff Xu
2025-02-26 6:04 ` Lorenzo Stoakes
2025-02-28 0:04 ` Jeff Xu
2025-02-28 10:32 ` Lorenzo Stoakes
2025-02-25 15:22 ` Liam R. Howlett
2025-02-25 15:37 ` Lorenzo Stoakes
2025-02-26 0:04 ` Jeff Xu
2025-02-24 22:52 ` [PATCH v7 2/7] selftests: x86: test_mremap_vdso: skip if vdso is msealed jeffxu
2025-02-25 6:15 ` Lorenzo Stoakes
2025-02-25 22:37 ` Jeff Xu
2025-02-26 5:58 ` Lorenzo Stoakes
2025-02-24 22:52 ` [PATCH v7 3/7] mseal, system mappings: enable x86-64 jeffxu
2025-02-25 1:03 ` Kees Cook
2025-02-26 0:21 ` Jeff Xu
2025-02-25 8:08 ` Thomas Weißschuh
2025-02-26 0:48 ` Jeff Xu
2025-02-26 7:35 ` Thomas Weißschuh
2025-02-27 21:44 ` Jeff Xu
2025-02-24 22:52 ` [PATCH v7 4/7] mseal, system mappings: enable arm64 jeffxu
2025-02-25 6:20 ` Lorenzo Stoakes
2025-02-25 22:26 ` Jeff Xu
2025-02-26 5:25 ` Lorenzo Stoakes
2025-02-26 17:11 ` Liam R. Howlett
2025-02-26 17:17 ` Jeff Xu
2025-02-26 17:43 ` Lorenzo Stoakes
2025-02-26 18:14 ` Lorenzo Stoakes
2025-02-28 0:48 ` Jeff Xu
2025-02-28 10:31 ` Lorenzo Stoakes
2025-02-24 22:52 ` [PATCH v7 5/7] mseal, system mappings: enable uml architecture jeffxu
2025-02-25 6:22 ` Lorenzo Stoakes
2025-02-25 8:45 ` Berg, Benjamin
2025-02-25 10:37 ` Lorenzo Stoakes
2025-02-25 12:24 ` Benjamin Berg
2025-02-25 13:41 ` Lorenzo Stoakes
2025-02-25 13:59 ` Johannes Berg
2025-02-25 15:06 ` Kees Cook
2025-02-25 15:31 ` Lorenzo Stoakes
2025-02-25 18:38 ` Kees Cook
2025-02-26 0:00 ` Jeff Xu
2025-02-24 22:52 ` [PATCH v7 6/7] mseal, system mappings: uprobe mapping jeffxu
2025-02-25 6:24 ` Lorenzo Stoakes
2025-02-26 0:06 ` Jeff Xu
2025-02-26 5:57 ` Lorenzo Stoakes
2025-02-26 16:26 ` Oleg Nesterov
2025-02-26 16:33 ` Oleg Nesterov
2025-02-26 16:45 ` Lorenzo Stoakes
2025-02-26 18:01 ` Oleg Nesterov
2025-02-26 18:06 ` Lorenzo Stoakes
2025-02-26 18:19 ` Liam R. Howlett
2025-02-26 18:20 ` Oleg Nesterov
2025-02-26 18:25 ` Lorenzo Stoakes
2025-02-27 23:38 ` Jeff Xu
2025-02-28 10:39 ` Lorenzo Stoakes
2025-02-27 21:48 ` Jeff Xu
2025-02-24 22:52 ` [PATCH v7 7/7] mseal, system mappings: update mseal.rst jeffxu
2025-02-24 23:03 ` [PATCH v7 0/7] mseal system mappings Pedro Falcato
2025-02-24 23:07 ` Jeff Xu
2025-02-25 6:09 ` Lorenzo Stoakes
2025-02-25 10:32 ` Lorenzo Stoakes
2025-02-26 0:17 ` Jeff Xu
2025-02-26 6:00 ` Lorenzo Stoakes
2025-02-27 23:43 ` Jeff Xu
2025-02-28 10:32 ` Lorenzo Stoakes
2025-02-25 15:18 ` Lorenzo Stoakes
2025-02-26 0:12 ` Jeff Xu
2025-02-26 5:42 ` Lorenzo Stoakes [this message]
2025-02-28 0:55 ` your mail Jeff Xu
2025-02-28 9:35 ` Lorenzo Stoakes
2025-02-28 17:24 ` Jeff Xu
2025-02-28 17:30 ` Lorenzo Stoakes
-- strict thread matches above, loose matches on Subject: below --
2023-05-10 19:01 [PATCH] maple_tree: Fix a few documentation issues, Thomas Gleixner
2023-05-15 19:27 ` your mail Liam R. Howlett
2023-05-15 21:16 ` Thomas Gleixner
2023-05-16 22:47 ` Thomas Gleixner
2023-05-23 13:46 ` Liam R. Howlett
[not found] <20190225201635.4648-1-hannes@cmpxchg.org>
2019-02-26 23:49 ` Roman Gushchin
2017-04-10 11:03 [PATCH -v2 0/9] mm: make movable onlining suck less Michal Hocko
2017-04-15 12:17 ` Michal Hocko
2017-04-17 5:47 ` your mail Joonsoo Kim
2017-04-17 8:15 ` Michal Hocko
2017-04-20 1:27 ` Joonsoo Kim
2017-04-20 7:28 ` Michal Hocko
2017-04-20 8:49 ` Michal Hocko
2017-04-20 11:56 ` Vlastimil Babka
2017-04-20 12:13 ` Michal Hocko
2017-04-21 4:38 ` Joonsoo Kim
2017-04-21 7:16 ` Michal Hocko
2017-04-24 1:44 ` Joonsoo Kim
2017-04-24 7:53 ` Michal Hocko
2017-04-25 2:50 ` Joonsoo Kim
2017-04-26 9:19 ` Michal Hocko
2017-04-27 2:08 ` Joonsoo Kim
2017-04-27 15:10 ` Michal Hocko
2012-10-04 16:50 Andrea Arcangeli
2012-10-04 18:17 ` your mail Christoph Lameter
2010-06-16 16:33 Jan Kara
2010-06-16 22:15 ` your mail Dave Chinner
2010-06-22 2:59 ` Wu Fengguang
2010-06-22 13:54 ` Jan Kara
2010-06-22 14:12 ` Wu Fengguang
[not found] <1131.86.55.168.2.1170690089.squirrel@mail.thinknet.ro>
2007-02-05 12:36 ` Joerg Roedel
2003-01-24 5:54 Anoop J.
2003-01-24 6:28 ` David Lang
2003-01-24 8:51 ` Anoop J.
2003-01-24 8:48 ` David Lang
2003-01-24 9:49 ` Anoop J.
2003-01-24 19:14 ` David Lang
2003-01-24 19:40 ` Maciej W. Rozycki
2003-01-24 5:08 (unknown), Anoop J.
2003-01-24 5:11 ` your mail David Lang
2003-01-24 6:06 ` John Alvord
2003-01-25 2:29 ` Jason Papadopoulos
2003-01-25 2:26 ` Larry McVoy
2003-01-25 17:47 ` Eric W. Biederman
2003-01-25 23:10 ` Larry McVoy
2003-01-26 8:12 ` David S. Miller
2002-04-21 14:54 raciel
2002-04-21 19:12 ` your mail William Lee Irwin III
2002-01-02 14:20 mehul radheshyam choube
2002-01-03 16:40 ` your mail Rik van Riel
2001-08-04 11:10 Mahmoud Taghizadeh
2001-08-04 13:18 ` your mail Francois Romieu
2001-06-08 1:36 jnn
2001-06-08 13:16 ` your mail Ralf Baechle
2000-09-04 12:01 Sahil
2000-09-04 15:35 ` your mail Rik van Riel
2000-03-28 8:19 pnilesh
2000-03-28 13:26 ` Stephen C. Tweedie
1998-02-25 22:15 Rik van Riel
1998-02-25 22:48 ` your mail Linus Torvalds
1998-02-25 23:26 ` Rik van Riel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f65bd1bf-4e81-454a-afaa-f84c13cc6227@lucifer.local \
--to=lorenzo.stoakes@oracle.com \
--cc=42.hyeyoo@gmail.com \
--cc=Jason@zx2c4.com \
--cc=Liam.Howlett@oracle.com \
--cc=adhemerval.zanella@linaro.org \
--cc=adobriyan@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=aleksandr.mikhalitsyn@canonical.com \
--cc=anna-maria@linutronix.de \
--cc=ardb@google.com \
--cc=ardb@kernel.org \
--cc=avagin@gmail.com \
--cc=benjamin@sipsolutions.net \
--cc=dave.hansen@linux.intel.com \
--cc=davem@davemloft.net \
--cc=deller@gmx.de \
--cc=enh@google.com \
--cc=f.fainelli@gmail.com \
--cc=gerg@kernel.org \
--cc=groeck@chromium.org \
--cc=hca@linux.ibm.com \
--cc=hch@lst.de \
--cc=jannh@google.com \
--cc=jeffxu@chromium.org \
--cc=johannes@sipsolutions.net \
--cc=jorgelo@chromium.org \
--cc=keescook@chromium.org \
--cc=linus.walleij@linaro.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mark.rutland@arm.com \
--cc=mhocko@suse.com \
--cc=mike.rapoport@gmail.com \
--cc=mingo@kernel.org \
--cc=mpe@ellerman.id.au \
--cc=ojeda@kernel.org \
--cc=oleg@redhat.com \
--cc=pedro.falcato@gmail.com \
--cc=peterx@redhat.com \
--cc=peterz@infradead.org \
--cc=rdunlap@infradead.org \
--cc=rientjes@google.com \
--cc=sroettger@google.com \
--cc=thomas.weissschuh@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=vbabka@suse.cz \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox