From patchwork Wed Feb 12 03:21:54 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeff Xu X-Patchwork-Id: 13971024 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5BA97C021A0 for ; Wed, 12 Feb 2025 03:22:15 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id DFCF96B0093; Tue, 11 Feb 2025 22:22:06 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id DAC9E6B0095; Tue, 11 Feb 2025 22:22:06 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id BFE80280001; Tue, 11 Feb 2025 22:22:06 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id A03686B0093 for ; Tue, 11 Feb 2025 22:22:06 -0500 (EST) Received: from smtpin07.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 303E21C7489 for ; Wed, 12 Feb 2025 03:22:06 +0000 (UTC) X-FDA: 83109843852.07.93A0803 Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com [209.85.214.178]) by imf15.hostedemail.com (Postfix) with ESMTP id A770EA0007 for ; Wed, 12 Feb 2025 03:22:03 +0000 (UTC) Authentication-Results: imf15.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=JhB4NGwT; spf=pass (imf15.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.214.178 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1739330523; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=ZDmXk529F7J07bTvTA0+iYc1CKNvDiUkVRu5HOXs43g=; b=7PLyAyazoKw8AOSI7VchUXXy5xyMUKBSNPSRdFnGKuNLJxEh7vI4hhLNggVOuqzg+293MH XYdJk2N9WFwPErIvqWzBynfE1PVNLZSu+xvkJ6YFGWif10kr3OaKbRHuXjn7/heEO2C2uF cZ03YTMcujED/SFNO+LlLNF3POf6LcY= ARC-Authentication-Results: i=1; imf15.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=JhB4NGwT; spf=pass (imf15.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.214.178 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1739330523; a=rsa-sha256; cv=none; b=ICnGZxydPZSbe6qoLqpf6oEeadke9WZ8NAzOpVP1xv/HCYwp+B5PBvXDzdqFnOYGrVn9gN Wr8shtHTO9LxEVvt411f3obsF9O33ne6wI3JBYVFwCATlzQ3LTn4ELxBfBNyYdWoTOUAkP WNCAvVWOGnOENL2arFHwSrZomz1AaU0= Received: by mail-pl1-f178.google.com with SMTP id d9443c01a7336-21f5015bce7so7983745ad.2 for ; Tue, 11 Feb 2025 19:22:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1739330522; x=1739935322; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=ZDmXk529F7J07bTvTA0+iYc1CKNvDiUkVRu5HOXs43g=; b=JhB4NGwTRxXGssPehRlleW01sEPQuYt0ge5daxk9Q2cD0B377/CsgWnpnZlA59fpAd U071/spynJ0L72HI9iAbk9+CDUi9ptTTpbjhP5SVKDfW16lUv2foMe2oENgIq949L+oK hD9FeS8QgYyz/ct0wpkFXAbVajjQmaCPAYWJ0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1739330522; x=1739935322; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ZDmXk529F7J07bTvTA0+iYc1CKNvDiUkVRu5HOXs43g=; b=SP0BZdqJ3JG28YDqFm700bR9QJl944BnKo74KpMyiAmEYhe48GuqNI6pHm17Y6Fdh8 tr1Hd4A8zR/DZOMh417th9I0KaeyUHPb+OHbP3fjV7rlbHSHNcW+7+r+Qbafawjd1301 LAZ5mGbuj8aUD4i+BYqVXxHdMTXqqJBnE27HraQshKmOiDIFpuqAHgLd1mG022/mVG9h c30AMkUkNO/0Jp824XPLxHZOHhzMh2pnedxq1lsi/ehyGdVhwNom/WEe1fnP0O4G80ev 4Ragt/+/aKOJpc+Va0IrmInXAqrHlFFv608QxdhyBKx4801e+KBKWe92UoaR3W+z98GJ W9BA== X-Forwarded-Encrypted: i=1; AJvYcCU6MAnYpPXe8HAT902NEULBAkwIncFYLn7pOOLeNr9bCCobrrtR73Ok33kYoSyOSORaKHTRFYxFBA==@kvack.org X-Gm-Message-State: AOJu0YyPZRS11RHg10xz/Dk0hFCVqs5pbVOKRPMkhL5Kii4TGcqJFarX o2A1ixCXRMeVDUNPS6/w5z7B0WwX4/rS1Rot/EAVuLxba6WxTEmAV34Rj2gs3w== X-Gm-Gg: ASbGnctJyiB63s4hzMKUJ92jmDJR8e4uU3roX016NSsQKJbJTH7nWDfabE6q8fnOZT3 IvUNMFRJNlBnwKOslgFP3cMMGc81YrD+fafgTVoFnUi9zm4Fy/LMLFlKlj/eVWnnJ3oUuLZ9zdz rpUAT9C133E0B55vZwJUhDVQH1t08+iTB2zRAhlT84N7LVlrxOb5Qxwqf6XgHPgp5ygmBqscCc4 q7dZ61Uhwgq8yxmOKKlHZGVTWT6zAAUwwURy4CC6VYAY0ZnOXC8HF5gocp46sHOahhs2+PqSMlO rYh5J8Te1tdMQBvjQlfMYVmnQsYQAxjH5CZJWzWu5BU9lQ8E1Q== X-Google-Smtp-Source: AGHT+IGLyjV6DGNlQC70XXyU6c8VYNX9NRu9NY3TAy8HoniHcIPDAY3iv7rogZ2WB1DXQE04jazm3Q== X-Received: by 2002:a17:902:f791:b0:20c:da9a:d5b9 with SMTP id d9443c01a7336-220bbad0cf2mr11063425ad.5.1739330522551; Tue, 11 Feb 2025 19:22:02 -0800 (PST) Received: from localhost (9.184.168.34.bc.googleusercontent.com. [34.168.184.9]) by smtp.gmail.com with UTF8SMTPSA id d9443c01a7336-21f36897faesm102883195ad.213.2025.02.11.19.22.02 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 11 Feb 2025 19:22:02 -0800 (PST) From: jeffxu@chromium.org To: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, Liam.Howlett@Oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com, Jeff Xu Subject: [RFC PATCH v5 6/7] mseal, system mappings: uprobe mapping Date: Wed, 12 Feb 2025 03:21:54 +0000 Message-ID: <20250212032155.1276806-7-jeffxu@google.com> X-Mailer: git-send-email 2.48.1.502.g6dc24dfdaf-goog In-Reply-To: <20250212032155.1276806-1-jeffxu@google.com> References: <20250212032155.1276806-1-jeffxu@google.com> MIME-Version: 1.0 X-Rspam-User: X-Stat-Signature: du59oqygs8p4xmuwupo1k5edubow1osx X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: A770EA0007 X-HE-Tag: 1739330523-235328 X-HE-Meta: U2FsdGVkX18ElPZjtK8ZtpdUT82kFlShGhdVDL9iNPEl+r8lVF1Ejbcup0Lmo6Z7u/BiUkNoFPjhw4qwl0XMbxiTEQKpzNwErkV7PloVnUdQHTZI1KBvSs1rr3CTDOEfW2qFyapu9XjV/barVKHpbVPGUyL2YWp+uPZbyQGC8LceKUo+YRb2yq5MzUl4yikE25zs7S0JMrCMkGARnhsL/9DFOHVE217J7xY9xSZFKmTg5Dtkdx1dsMzlORfy08KDhtAT+FGEZ9tVJJ7mnbTYJD6FMWVmHxYBZwlu7dEvl4m6e+42rGvClPJXzuhs47VVncRgjFLdiMaKy0lgIIe5gdvK1W/Ua/5UInSmRw+VpcGZF7q079UAR81f/PeM/6he2j6Fw+E1Q5OhQgmUAfkjlleLiIXqfn1X0I1g8H4oOCK+1dDWkF94TpNzvvJhP3Ke+j0iEcdmhc+B+0OkbynyU1T2RMSVfibLIy48xhAjOy+qsEkY/F4rQLspwQMIcEHv0/acb4/cKNtJ8BGd0GV+G7kgwUywITWAGjuDde9s/1ZZk4xsqwiPNLiujjyW2f+TwtP8ekTqY+0LM2JjQaDEYl04lclPzW7WbL/iVTyOvFKPcVSehattg1SgllTC7ROiGrLoEXxten3E7Yx1/yqaGTMy7hLi5bAl/UstSTjOVw1YiZHcujTXMnxz2ykqZqIHPC1mSiXwNhzQBfCQ27fO1iIyuC0Nn0EAaa0Zs4nIKUXGetTGKz1Nc2OMT8xyJmaU7OPEEiv2CSn1rPyW0Ye7ZZtCOApjwimLvBbXYT9CEauDYnCGK0S/D0Sww/cLvmhcJcKChRCOvuXDIgjq2Xt+VOGmG4r+ULLSw7SBQ9Oa/ckfdbnfEbUwr1C2stoAy5mvqe+fG7rj+ogo5F3gGofYAfoE00iZEKxfP2I8ugsfRF0k40OmATTZ+8KgqjdH0ztV2i2tpUqAxAJlvHQIHyi FUHFCJQk IrP2JZLiAmrWQMopPDK0jbn0HuWh8ow0Qv2TTZlAh5WrlWOhD3EmF8x786piqDRu+K1Qsh2whCwyZYJwCEG99gJs26GiM9JIJH11NUHDuStjauvkVgOEn7iTlWSKQvbRbA0CBVE1HjNid6i+h10WVpFgI+NZk7tgTTMhH16auta9U2MssS071SKtVHiQ9amMBpUOzolNlerH7G8SBzFwf9yNNTXQTmnTiu1XOauRDJArigm8Ew6Ceb+6MIp4mukblXKi47ptcNRNc8OHGYQI798ebi2n/ZcJrCbtL5cVEw6B9QchPTRh9er4a17p0pjlT8S6eUInu4c9TVjTkJqEguk74t9/HdFfMSCqg8/bwfvgvBayZXZuaWRboFeaYqiarHF4n1KptcUYmav92G4dqGrxYjbjAQY93iYLr X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Jeff Xu Provide support to mseal the uprobe mapping. Unlike other system mappings, the uprobe mapping is not established during program startup. However, its lifetime is the same as the process's lifetime. It could be sealed from creation. Signed-off-by: Jeff Xu --- kernel/events/uprobes.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c index 2ca797cbe465..55e0fa21eee6 100644 --- a/kernel/events/uprobes.c +++ b/kernel/events/uprobes.c @@ -22,6 +22,7 @@ #include /* user_enable_single_step */ #include /* notifier mechanism */ #include +#include #include #include #include @@ -1662,6 +1663,7 @@ static const struct vm_special_mapping xol_mapping = { static int xol_add_vma(struct mm_struct *mm, struct xol_area *area) { struct vm_area_struct *vma; + unsigned long vm_flags; int ret; if (mmap_write_lock_killable(mm)) @@ -1682,8 +1684,10 @@ static int xol_add_vma(struct mm_struct *mm, struct xol_area *area) } } + vm_flags = VM_EXEC|VM_MAYEXEC|VM_DONTCOPY|VM_IO; + vm_flags |= mseal_system_mappings(); vma = _install_special_mapping(mm, area->vaddr, PAGE_SIZE, - VM_EXEC|VM_MAYEXEC|VM_DONTCOPY|VM_IO, + vm_flags, &xol_mapping); if (IS_ERR(vma)) { ret = PTR_ERR(vma);