From patchwork Mon Feb 24 22:52:45 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeff Xu X-Patchwork-Id: 13989027 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 246A5C021A4 for ; Mon, 24 Feb 2025 22:53:06 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 7FA9E280016; Mon, 24 Feb 2025 17:52:57 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 7AAE1280001; Mon, 24 Feb 2025 17:52:57 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 5AEAD280016; Mon, 24 Feb 2025 17:52:57 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 3916D280001 for ; Mon, 24 Feb 2025 17:52:57 -0500 (EST) Received: from smtpin01.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id AE328B062E for ; Mon, 24 Feb 2025 22:52:56 +0000 (UTC) X-FDA: 83156339952.01.6C3A9C5 Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176]) by imf10.hostedemail.com (Postfix) with ESMTP id CF3E5C0005 for ; Mon, 24 Feb 2025 22:52:54 +0000 (UTC) Authentication-Results: imf10.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=Zl23T93J; spf=pass (imf10.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.214.176 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1740437574; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=1iZa0J3oai+8Welu6Zi/1CRi8cf0vv3kefTwVSjChmA=; b=6W2nWtv89ihzUSmk8x8yg0/ezIGK5lg5q/qV5Ws6x2YDWgA8o3PgszlJ+EaxrwLBuYh6+H dhZEGs/zir82MbeGGMsn1Zh2EmY3y2RBiaN8mrNlsAAf7hazUhdvHj5Pxl+ki4BHRqEJZU WKBulX8lb8iNvT42D6rkX1GnFqFNMCY= ARC-Authentication-Results: i=1; imf10.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=Zl23T93J; spf=pass (imf10.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.214.176 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1740437574; a=rsa-sha256; cv=none; b=hnlSmKCNxN8jb9hw57ULW9gidy1I58UqMtNCdRdc8awlReLcKDwOu23K4XsenS4Nno0tcd Z5ldpjBsAwazMZ9WpgBf+dem8UbxfAIGytzqVq3bw3uJUStVJPboqGIKFjNKbTGSXg5JX7 EwWnzEhQfOO+t/9P4x8AULsi3iKZSI0= Received: by mail-pl1-f176.google.com with SMTP id d9443c01a7336-220cd9959f6so12645025ad.1 for ; Mon, 24 Feb 2025 14:52:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1740437573; x=1741042373; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=1iZa0J3oai+8Welu6Zi/1CRi8cf0vv3kefTwVSjChmA=; b=Zl23T93J7kWTHl5a9zMYnJIJA080T0bpn0zXTDI3Qr4eWcUKBzz99dFBVKPX+kVxfA Lw/o14eH4kWVHhNMIp8dKv3nPO0EFi3Bf6JYh+rF9rEKRUjuETxIP3IzoOHuaA/BCcfg 068qw6HbYdg2TdsBlBdfoiYLbH7ls5QPXVV/I= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740437573; x=1741042373; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=1iZa0J3oai+8Welu6Zi/1CRi8cf0vv3kefTwVSjChmA=; b=a6ZsVTnSDCCt+M/EPfnhhBHl5vsoOMQh4sn1jppgmKw6jt/OxM1temPDbwzpGaj8pV PBm8ByXJFGvGziHOlD+0a7zT1lnUDxOrX8T3FndEb1MKIXvvndlzJ/CQ1DRjkuJN2E1O kNUyp7Al8bXhxd51cuNH09Yi+hxH8VghvbFzg/I4Cv8sowrGB/05bCG9APqwVA6T7FZ5 C4FholzyjmwJDdlAlzLUNeClPfdze34Cn4MGAjF5p4E/LhOiCDMPmHlYFT3wShF4PwYA 09JtKK1MAAhrgrtzs+3quCqut09FshfL2fVUw2TYbxPnfoBkcCLhq2Jk2K/AXDueEFdo SNoQ== X-Forwarded-Encrypted: i=1; AJvYcCWvAFE+tRYwkwNn9Oo6OTo/fkZRcswUZPNkdR8D0adUfdovB11ehv2FNrLCCbFl5Z1Dd0BsPRPmSA==@kvack.org X-Gm-Message-State: AOJu0Yw1DWJDgU75TsbOL8PwsfMKbxVEckHip2Dk77SUGbeQmL0AoOJB AKWB5ql97YQxIKbygx+gw7sqkBe4r2XL+NvGtQQ7jAUbB/uES0YcfGoHHjgCvg== X-Gm-Gg: ASbGncupwuntoGG0KFqyQRkadycfNfcNPpFlHP8YAg3RqyA6yFBtuRNj+jeDdXbN0CN CZint8jntuHmlJm8nEMhOubWjJwAh23fYr1dTyCJSroVRj/3e0XwQ3uRaxZLkQS5aO6TmCkWldF bfk47+E0sGu+ZFyL7TQNYTJ8JMlJ9uO0qZ5g0IzVqM4lDtAiB4u00U5+yMiFS9EVWGKvNIbMhr6 9nZz38GCLfvErODrFEeFd1uuNY8DnV7nptTXJirt/+NSjdVnuLgpY+DmYCl3CyflUc6j6Bi+KvM FhbZwU3ni/5SO+2VWNz0N5aGN2PdpFh4ALy2But45lfkky3yqlf19QxlzQa2 X-Google-Smtp-Source: AGHT+IFg6PbCJykgEIaP4RauSlaTrid3Wz+OgE4C+L+jwZ9u9/LvDrktm5eCC+LrKCajBp0j3msv1g== X-Received: by 2002:a05:6a00:3cd4:b0:730:96fa:bdb5 with SMTP id d2e1a72fcca58-73426d9b38dmr8599645b3a.6.1740437573573; Mon, 24 Feb 2025 14:52:53 -0800 (PST) Received: from localhost (201.59.83.34.bc.googleusercontent.com. [34.83.59.201]) by smtp.gmail.com with UTF8SMTPSA id d2e1a72fcca58-7347a839dffsm173674b3a.172.2025.02.24.14.52.52 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 24 Feb 2025 14:52:52 -0800 (PST) From: jeffxu@chromium.org To: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, Liam.Howlett@Oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com, Jeff Xu Subject: [PATCH v7 6/7] mseal, system mappings: uprobe mapping Date: Mon, 24 Feb 2025 22:52:45 +0000 Message-ID: <20250224225246.3712295-7-jeffxu@google.com> X-Mailer: git-send-email 2.48.1.658.g4767266eb4-goog In-Reply-To: <20250224225246.3712295-1-jeffxu@google.com> References: <20250224225246.3712295-1-jeffxu@google.com> MIME-Version: 1.0 X-Rspam-User: X-Stat-Signature: 8f9p3ca9bq3qzjrsj9zz3uiieydptu9r X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: CF3E5C0005 X-HE-Tag: 1740437574-849470 X-HE-Meta: U2FsdGVkX1/dU10CIXdQ9s1Hi+leNmFp5/je2lce1wx4myUZYkuC/axHTq8zp3ruOskzEU6nITxeKCGXwlKzET5k4Uua8w2s92Ox4Z4hjDIDcv5q2zvsvM6gakint6FFML/V7iaB5/EfuFwJAXVezOOWNUimtjuduZsnchNhATpOrrTj7af+Hb3sTFcCm8K+3iBrNwUR6W3/oBxNVD1wYdqv6UpHqxiwbB9HaI+hjJ7AxgsQF34iSjXhH1blOj4gv+vxi4jHOKQXDTFHYwxjEIe7jkaxpkwUppt0LD4nOtqzqdn8qpUh40hHYEA5n6cZaa1+fFvYbS6ZXHZhb5YD1WgVfuhY1xgBMhlRsAcK+8qCOuptICDjWPqfyHbrSePxrT+qn+UO/v/uhUWNybnvLFcYj+zRjCrzDGLqL5UL5kkdbMsIPQaBtjcP4oPR84QXJ+Lctr2CDQ/zmPEVZpB4HKL0YyLWNjj3NPOJL4uuoMzFXqkBsxKqKJHpk4B4Qn0TJFCqNPZ9cRkn4MMpqAGFlPkadBKG2SNAc1WR0uRcZRXmD42Av3ycLAN6zHszB9N+6iHcuQFMUZuh0/0MyYOtIBPpvqwkH5ORzulDardfoCscyvp+/x4+OpBQlICx5ZJnn1fa8C7wWYEKq032fmKmHGpA1jiQWYOiW09kB09t6mTDNhQ3p+/7+QQN61E9nueiq2AEzw3xpAzWSbpzdTOlpyDwAIwM5jG4pYDJhx93hAQb24IYR9/rbTI0FKZmUF21ucuI1xkP1xcXW7vdSocp7TPi2hdxO68gWllxzXhTRW9SRuAiw0IuVDmTpowFzTBBZAPTGUnVZjIetPOYOqxpuzPWmKYAuuJfB8teD/VjEm37ctV5xRjcA+lrIs+O4tvQkuVtjaXQuDwUKwmCc0+/yH3ELyCfpgmzvyS+TorJjx1XcZie7W7ivauA+aBf+5aGO9Kh9AwgV82MZJdU4Vz CiClFBwC +toee3RjcjpM9/6gumOl74lli1clROZbYrh6fbECNKjHF2PmQRjAEepkCDS8lR/0xO4Pmv3IKnQO0xOJz1CC8Tav1uhCjMo2F6u/KVedQcyPgUfa3FBWN1A5hD7YAiUUxnvXT7a7bBs8+MVaLYrKSJRWqCXOmgiQzvK5CNgxkE0ptBzNpxhexDkyMVnnFImEr4x6GMlEcv7WsghoQr6CaqKNg6/2eEC6pF48yceQK7b67fVXI2RRTeTe+dwAWf4HNabFBNrZtAPKKeo1NT65Q8PGtGutYeuC8a9im2ZZyxevOCJwK3DYbzMkfcVXuT74qnRZPnlNIUy70/UGwie51DAgjyJ1Ogoj34mndS5oFBzGVpYcpWgPKH9MGSA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Jeff Xu Provide support to mseal the uprobe mapping. Unlike other system mappings, the uprobe mapping is not established during program startup. However, its lifetime is the same as the process's lifetime. It could be sealed from creation. Signed-off-by: Jeff Xu --- kernel/events/uprobes.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c index 2ca797cbe465..8dcdfa0d306b 100644 --- a/kernel/events/uprobes.c +++ b/kernel/events/uprobes.c @@ -1662,6 +1662,7 @@ static const struct vm_special_mapping xol_mapping = { static int xol_add_vma(struct mm_struct *mm, struct xol_area *area) { struct vm_area_struct *vma; + unsigned long vm_flags; int ret; if (mmap_write_lock_killable(mm)) @@ -1682,8 +1683,10 @@ static int xol_add_vma(struct mm_struct *mm, struct xol_area *area) } } + vm_flags = VM_EXEC|VM_MAYEXEC|VM_DONTCOPY|VM_IO; + vm_flags |= VM_SEALED_SYSMAP; vma = _install_special_mapping(mm, area->vaddr, PAGE_SIZE, - VM_EXEC|VM_MAYEXEC|VM_DONTCOPY|VM_IO, + vm_flags, &xol_mapping); if (IS_ERR(vma)) { ret = PTR_ERR(vma);