From patchwork Wed Feb 12 03:21:49 2025
X-Patchwork-Submitter: Jeff Xu
X-Patchwork-Id: 13971019
From: jeffxu@chromium.org
To: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, Liam.Howlett@Oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net
Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com, Jeff Xu
Subject: [RFC PATCH v5 1/7] mseal, system mappings: kernel config and header change
Date: Wed, 12 Feb 2025 03:21:49 +0000
Message-ID: <20250212032155.1276806-2-jeffxu@google.com>
In-Reply-To: <20250212032155.1276806-1-jeffxu@google.com>
References: <20250212032155.1276806-1-jeffxu@google.com>

From: Jeff Xu

Provide infrastructure to mseal system mappings. Establish two kernel configs (CONFIG_MSEAL_SYSTEM_MAPPINGS, ARCH_HAS_MSEAL_SYSTEM_MAPPINGS) and a header file (userprocess.h) for future patches.

As discussed during mseal() upstream process [1], mseal() protects the VMAs of a given virtual memory range against modifications, such as the read/write (RW) and no-execute (NX) bits. For complete descriptions of memory sealing, please see mseal.rst [2].

The mseal() is useful to mitigate memory corruption issues where a corrupted pointer is passed to a memory management system. For example, such an attacker primitive can break control-flow integrity guarantees since read-only memory that is supposed to be trusted can become writable or .text pages can get remapped.

The system mappings are read-only; memory sealing can protect them from ever changing to writable or being unmapped/remapped as different attributes.

System mappings such as vdso, vvar, and sigpage (arm), vectors (arm) are created by the kernel during program initialization, and could be sealed after creation.

Unlike the aforementioned mappings, the uprobe mapping is not established during program startup. However, its lifetime is the same as the process's lifetime [3]. It could be sealed from creation.

The vsyscall on x86-64 uses a special address (0xffffffffff600000), which is outside the mm managed range. This means mprotect, munmap, and mremap won't work on the vsyscall. Since sealing doesn't enhance the vsyscall's security, it is skipped in this patch. If we ever seal the vsyscall, it is probably only for decorative purpose, i.e. showing the 'sl' flag in the /proc/pid/smaps. For this patch, it is ignored.

It is important to note that the CHECKPOINT_RESTORE feature (CRIU) may alter the system mappings during restore operations. UML (User Mode Linux) and gVisor are also known to change the vdso/vvar mappings. Consequently, this feature cannot be universally enabled across all systems. As such, CONFIG_MSEAL_SYSTEM_MAPPINGS is disabled by default.

To support mseal of system mappings, architectures must define CONFIG_ARCH_HAS_MSEAL_SYSTEM_MAPPINGS and update their special mappings calls to pass mseal flag. Additionally, architectures must confirm they do not unmap/remap system mappings during the process lifetime.

In this version, we've improved the handling of system mapping sealing from previous versions: instead of modifying the _install_special_mapping function itself, which would affect all architectures, we now call _install_special_mapping with a sealing flag only within the specific architecture that requires it. This targeted approach offers two key advantages: 1) It limits the code change's impact to the necessary architectures, and 2) It aligns with the software architecture by keeping the core memory management within the mm layer, while delegating the decision of sealing system mappings to the individual architecture, which is particularly relevant since 32-bit architectures never require sealing.

Additionally, this patch introduces a new header, include/linux/userprocess.h, which contains the mseal_system_mappings() function. This function helps the architecture determine if system mapping is enabled within the current kernel configuration. It can be extended in the future to handle opt-in/out prctl for enabling system mapping sealing at the process level or a kernel cmdline feature.

A new header file was introduced because it was difficult to find the best location for this function. Although include/linux/mm.h was considered, this feature is more closely related to user processes than core memory management. Additionally, future prctl or kernel cmd-line implementations for this feature would not fit within the scope of core memory management or mseal.c. This is relevant because if we add unit-tests for mseal.c in the future, we would want to limit mseal.c's dependencies to core memory management.

Prior to this patch series, we explored sealing special mappings from userspace using glibc's dynamic linker. This approach revealed several issues:
- The PT_LOAD header may report an incorrect length for vdso (smaller than its actual size). The dynamic linker, which relies on PT_LOAD information to determine mapping size, would then split and partially seal the vdso mapping. Since each architecture has its own vdso/vvar code, fixing this in the kernel would require going through each architecture. Our initial goal was to enable sealing readonly mappings, e.g. .text, across all architectures, sealing vdso from kernel since creation appears to be simpler than sealing vdso at glibc.
- The [vvar] mapping header only contains address information, not length information. Similar issues might exist for other special mappings.
- Mappings like uprobe are not covered by the dynamic linker, and there is no effective solution for them.

This feature's security enhancements will benefit ChromeOS, Android, and other high security systems.

Testing:
This feature was tested on ChromeOS and Android for both x86-64 and ARM64.
- Enable sealing and verify vdso/vvar, sigpage, vector are sealed properly, i.e. "sl" shown in the smaps for those mappings, and mremap is blocked.
- Passing various automation tests (e.g. pre-checkin) on ChromeOS and Android to ensure the sealing doesn't affect the functionality of Chromebook and Android phone.

I also tested the feature on Ubuntu on x86-64:
- With config disabled, vdso/vvar is not sealed.
- With config enabled, vdso/vvar is sealed, and booting up Ubuntu is OK; normal operations such as browsing the web, open/edit doc are OK.

In addition, Benjamin Berg tested this on UML.

Link: https://lore.kernel.org/all/20240415163527.626541-1-jeffxu@chromium.org/ [1]
Link: Documentation/userspace-api/mseal.rst [2]
Link: https://lore.kernel.org/all/CABi2SkU9BRUnqf70-nksuMCQ+yyiWjo3fM4XkRkL-NrCZxYAyg@mail.gmail.com/ [3]
Signed-off-by: Jeff Xu --- include/linux/userprocess.h | 18 ++++++++++++++++++ init/Kconfig | 18 ++++++++++++++++++ security/Kconfig | 18 ++++++++++++++++++ 3 files changed, 54 insertions(+) create mode 100644 include/linux/userprocess.h diff --git a/include/linux/userprocess.h b/include/linux/userprocess.h new file mode 100644 index 000000000000..bd11e2e972c5 --- /dev/null +++ b/include/linux/userprocess.h @@ -0,0 +1,18 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef _LINUX_USER_PROCESS_H +#define _LINUX_USER_PROCESS_H +#include + +/* + * mseal of userspace process's system mappings. + */ +static inline unsigned long mseal_system_mappings(void) +{ +#ifdef CONFIG_MSEAL_SYSTEM_MAPPINGS + return VM_SEALED; +#else + return 0; +#endif +} + +#endif diff --git a/init/Kconfig b/init/Kconfig index d0d021b3fa3b..892d2bcdf397 100644 --- a/init/Kconfig +++ b/init/Kconfig @@ -1882,6 +1882,24 @@ config ARCH_HAS_MEMBARRIER_CALLBACKS config ARCH_HAS_MEMBARRIER_SYNC_CORE bool +config ARCH_HAS_MSEAL_SYSTEM_MAPPINGS + bool + help + Control MSEAL_SYSTEM_MAPPINGS access based on architecture. + + A 64-bit kernel is required for the memory sealing feature. + No specific hardware features from the CPU are needed. + + To enable this feature, the architecture needs to update their + speical mappings calls to include the sealing flag and confirm + that it doesn't unmap/remap system mappings during the life + time of the process. After the architecture enables this, a + distribution can set CONFIG_MSEAL_SYSTEM_MAPPING to manage access + to the feature. + + For complete descriptions of memory sealing, please see + Documentation/userspace-api/mseal.rst + config HAVE_PERF_EVENTS bool help diff --git a/security/Kconfig b/security/Kconfig index f10dbf15c294..bfb35fc7a3c6 100644 --- a/security/Kconfig +++ b/security/Kconfig 
@@ -51,6 +51,24 @@ config PROC_MEM_NO_FORCE endchoice +config MSEAL_SYSTEM_MAPPINGS + bool "mseal system mappings" + depends on 64BIT + depends on ARCH_HAS_MSEAL_SYSTEM_MAPPINGS + depends on !CHECKPOINT_RESTORE + help + Seal system mappings such as vdso, vvar, sigpage, uprobes, etc. + + A 64-bit kernel is required for the memory sealing feature. + No specific hardware features from the CPU are needed. + + Note: CHECKPOINT_RESTORE, UML, gVisor are known to relocate or + unmap system mapping, therefore this config can't be enabled + universally. + + For complete descriptions of memory sealing, please see + Documentation/userspace-api/mseal.rst + config SECURITY bool "Enable different security models" depends on SYSFS
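
Review bot: In include/linux/userprocess.h, the comment above mseal_system_mappings() does not say what the return value is for. A reader has to go to the x86 patch to learn that the result is a flag mask (VM_SEALED or 0) meant to be OR-ed into the vm_flags passed to _install_special_mapping(); say that in the comment, including that it is 0 when CONFIG_MSEAL_SYSTEM_MAPPINGS is off. The include guard _LINUX_USER_PROCESS_H also does not match the file name userprocess.h.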
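
Review bot: The ARCH_HAS_MSEAL_SYSTEM_MAPPINGS help text in init/Kconfig refers to the user-facing option as CONFIG_MSEAL_SYSTEM_MAPPING, but the symbol added in security/Kconfig is MSEAL_SYSTEM_MAPPINGS, so searching for the name given in the help finds nothing. Use the exact symbol name and fix "speical" in the same paragraph. The first help sentence, "Control MSEAL_SYSTEM_MAPPINGS access based on architecture", would be clearer as a plain statement that the architecture supports sealing its system mappings.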
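
Review bot: In the MSEAL_SYSTEM_MAPPINGS entry in security/Kconfig, only CHECKPOINT_RESTORE is expressed as a dependency, while the Note in the help also lists UML and gVisor as known to relocate or unmap system mappings. A Kconfig dependency cannot exclude software that is not a kernel option, so the help should tell whoever enables this what such software will observe once the mappings are sealed (the commit message says mremap is blocked), not only that the option "can't be enabled universally". Minor: "system mapping" in the Note should be plural to match the rest of the text.
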
From patchwork Wed Feb 12 03:21:50 2025
X-Patchwork-Submitter: Jeff Xu
X-Patchwork-Id: 13971020
From: jeffxu@chromium.org
Subject: [RFC PATCH v5 2/7] selftests: x86: test_mremap_vdso: skip if vdso is msealed
Date: Wed, 12 Feb 2025 03:21:50 +0000
Message-ID: <20250212032155.1276806-3-jeffxu@google.com>
In-Reply-To: <20250212032155.1276806-1-jeffxu@google.com>
References: <20250212032155.1276806-1-jeffxu@google.com>

From: Jeff Xu

Add code to detect if the vdso is memory sealed, skip the test if it is.

Signed-off-by: Jeff Xu
---
 .../testing/selftests/x86/test_mremap_vdso.c | 38 +++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/tools/testing/selftests/x86/test_mremap_vdso.c b/tools/testing/selftests/x86/test_mremap_vdso.c index d53959e03593..c68077c56b22 100644 --- a/tools/testing/selftests/x86/test_mremap_vdso.c +++ b/tools/testing/selftests/x86/test_mremap_vdso.c @@ -14,6 +14,7 @@ #include #include #include +#include #include #include 
@@ -55,13 +56,50 @@ static int try_to_remap(void *vdso_addr, unsigned long size) } +#define VDSO_NAME "[vdso]" +#define VMFLAGS "VmFlags:" +#define MSEAL_FLAGS "sl" +#define MAX_LINE_LEN 512 + +bool vdso_sealed(FILE *maps) +{ + char line[MAX_LINE_LEN]; + bool has_vdso = false; + + while (fgets(line, sizeof(line), maps)) { + if (strstr(line, VDSO_NAME)) + has_vdso = true; + + if (has_vdso && !strncmp(line, VMFLAGS, strlen(VMFLAGS))) { + if (strstr(line, MSEAL_FLAGS)) + return true; + + return false; + } + } + + return false; +} + int main(int argc, char **argv, char **envp) { pid_t child; + FILE *maps; ksft_print_header(); ksft_set_plan(1); + maps = fopen("/proc/self/smaps", "r"); + if (!maps) { + ksft_test_result_skip("Could not open /proc/self/smaps\n"); + return 0; + } + + if (vdso_sealed(maps)) { + ksft_test_result_skip("vdso is sealed\n"); + return 0; + } + child = fork(); if (child == -1) ksft_exit_fail_msg("failed to fork (%d): %m\n", errno);
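
Review bot: In main(), the stream opened on /proc/self/smaps is never closed: neither the "vdso is sealed" skip path nor the fall-through to fork() calls fclose(maps), so the child inherits it. Close it right after vdso_sealed() returns. Both skip paths also return 0 after ksft_test_result_skip(); ksft_exit_skip() would report the skip through the exit status as well as the log. vdso_sealed() is only used in this file and should be static, and since it stops at the first [vdso] entry it is worth a comment that a vdso split into several VMAs is judged by its first VMA only.
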
From patchwork Wed Feb 12 03:21:51 2025
X-Patchwork-Submitter: Jeff Xu
X-Patchwork-Id: 13971021
From: jeffxu@chromium.org
Subject: [RFC PATCH v5 3/7] mseal, system mappings: enable x86-64
Date: Wed, 12 Feb 2025 03:21:51 +0000
Message-ID: <20250212032155.1276806-4-jeffxu@google.com>
In-Reply-To: <20250212032155.1276806-1-jeffxu@google.com>
References: <20250212032155.1276806-1-jeffxu@google.com>

From: Jeff Xu

Provide support for CONFIG_MSEAL_SYSTEM_MAPPINGS on x86-64, covering the vdso, vvar, vvar_vclock.

Production release testing passes on Android and Chrome OS.

Signed-off-by: Jeff Xu
---
 arch/x86/Kconfig | 1 +
 arch/x86/entry/vdso/vma.c | 17 +++++++++++------
 2 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 87198d957e2f..8fa17032ca46 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -26,6 +26,7 @@ config X86_64 depends on 64BIT # Options that are inherently 64-bit kernel only: select ARCH_HAS_GIGANTIC_PAGE + select ARCH_HAS_MSEAL_SYSTEM_MAPPINGS select ARCH_SUPPORTS_INT128 if CC_HAS_INT128 select ARCH_SUPPORTS_PER_VMA_LOCK select ARCH_SUPPORTS_HUGE_PFNMAP if TRANSPARENT_HUGEPAGE diff --git a/arch/x86/entry/vdso/vma.c b/arch/x86/entry/vdso/vma.c index 39e6efc1a9ca..b5273dadd64a 100644 --- a/arch/x86/entry/vdso/vma.c +++ b/arch/x86/entry/vdso/vma.c @@ -13,6 +13,7 @@ #include #include #include +#include #include #include @@ -247,6 +248,7 @@ static int map_vdso(const struct vdso_image *image, unsigned long addr) struct mm_struct *mm = current->mm; struct vm_area_struct *vma; unsigned long text_start; + unsigned long vm_flags; int ret = 0; if (mmap_write_lock_killable(mm)) 
@@ -264,11 +266,12 @@ static int map_vdso(const struct vdso_image *image, unsigned long addr) /* * MAYWRITE to allow gdb to COW and set breakpoints */ + vm_flags = VM_READ|VM_EXEC|VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC; + vm_flags |= mseal_system_mappings(); vma = _install_special_mapping(mm, text_start, image->size, - VM_READ|VM_EXEC| - VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC, + vm_flags, &vdso_mapping); if (IS_ERR(vma)) { @@ -276,11 +279,12 @@ static int map_vdso(const struct vdso_image *image, unsigned long addr) goto up_fail; } + vm_flags = VM_READ|VM_MAYREAD|VM_IO|VM_DONTDUMP|VM_PFNMAP; + vm_flags |= mseal_system_mappings(); vma = _install_special_mapping(mm, addr, (__VVAR_PAGES - VDSO_NR_VCLOCK_PAGES) * PAGE_SIZE, - VM_READ|VM_MAYREAD|VM_IO|VM_DONTDUMP| - VM_PFNMAP, + vm_flags, &vvar_mapping); if (IS_ERR(vma)) { 
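Review bot: the comment kept in the @@ -264 hunk still promises "MAYWRITE to allow gdb to COW and set breakpoints", but the flags assembled right under it can now carry whatever mseal_system_mappings() returns, and neither the comment nor the commit message says whether that debugger path is expected to keep working once the vdso text mapping is sealed. Please state the intended interaction in the comment. In the @@ -276 hunk, VM_READ|VM_MAYREAD|VM_IO|VM_DONTDUMP|VM_PFNMAP combined with mseal_system_mappings() is rebuilt unchanged for the vvar_vclock mapping in the next hunk; assigning vm_flags once and reusing it for both calls would remove the duplicate.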
@@ -289,11 +293,12 @@ static int map_vdso(const struct vdso_image *image, unsigned long addr) goto up_fail; } + vm_flags = VM_READ|VM_MAYREAD|VM_IO|VM_DONTDUMP|VM_PFNMAP; + vm_flags |= mseal_system_mappings(); vma = _install_special_mapping(mm, addr + (__VVAR_PAGES - VDSO_NR_VCLOCK_PAGES) * PAGE_SIZE, VDSO_NR_VCLOCK_PAGES * PAGE_SIZE, - VM_READ|VM_MAYREAD|VM_IO|VM_DONTDUMP| - VM_PFNMAP, + vm_flags, &vvar_vclock_mapping); if (IS_ERR(vma)) {

From patchwork Wed Feb 12 03:21:52 2025
X-Patchwork-Submitter: Jeff Xu
X-Patchwork-Id: 13971022
From: jeffxu@chromium.org
Subject: [RFC PATCH v5 4/7] mseal, system mappings: enable arm64
Date: Wed, 12 Feb 2025 03:21:52 +0000
Message-ID: <20250212032155.1276806-5-jeffxu@google.com>
In-Reply-To: <20250212032155.1276806-1-jeffxu@google.com>
References: <20250212032155.1276806-1-jeffxu@google.com>

From: Jeff Xu

Provide support for CONFIG_MSEAL_SYSTEM_MAPPINGS on arm64, covering the vdso, vvar, and compat-mode vectors and sigpage mappings. Production release testing passes on Android and Chrome OS.

Signed-off-by: Jeff Xu
---
 arch/arm64/Kconfig | 1 +
 arch/arm64/kernel/vdso.c | 23 ++++++++++++++++-------
 2 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index fcdd0ed3eca8..39202aa9a5af 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -38,6 +38,7 @@ config ARM64 select ARCH_HAS_KEEPINITRD select ARCH_HAS_MEMBARRIER_SYNC_CORE select ARCH_HAS_MEM_ENCRYPT + select ARCH_HAS_MSEAL_SYSTEM_MAPPINGS select ARCH_HAS_NMI_SAFE_THIS_CPU_OPS select ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE select ARCH_HAS_NONLEAF_PMD_YOUNG if ARM64_HAFT diff --git a/arch/arm64/kernel/vdso.c b/arch/arm64/kernel/vdso.c index e8ed8e5b713b..cfe2f5b344c4 100644 --- a/arch/arm64/kernel/vdso.c +++ b/arch/arm64/kernel/vdso.c @@ -15,6 +15,7 @@ #include #include #include +#include #include #include #include @@ -183,6 +184,7 @@ static int __setup_additional_pages(enum vdso_abi abi, { unsigned long vdso_base, vdso_text_len, vdso_mapping_len; unsigned long gp_flags = 0; + unsigned long vm_flags; void *ret; BUILD_BUG_ON(VVAR_NR_PAGES != __VVAR_PAGES); @@ -197,8 +199,10 @@ static int __setup_additional_pages(enum vdso_abi abi, goto up_fail; } + vm_flags = VM_READ|VM_MAYREAD|VM_PFNMAP; + vm_flags |= mseal_system_mappings(); ret = _install_special_mapping(mm, vdso_base, VVAR_NR_PAGES * PAGE_SIZE, - VM_READ|VM_MAYREAD|VM_PFNMAP, + vm_flags, &vvar_map); if (IS_ERR(ret)) goto up_fail; @@ -208,9 +212,10 @@ static int __setup_additional_pages(enum vdso_abi abi, vdso_base += VVAR_NR_PAGES * PAGE_SIZE; mm->context.vdso = (void *)vdso_base; + vm_flags = VM_READ|VM_EXEC|gp_flags|VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC; + vm_flags |= mseal_system_mappings(); ret = _install_special_mapping(mm, vdso_base, vdso_text_len, - VM_READ|VM_EXEC|gp_flags| - VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC, + vm_flags, vdso_info[abi].cm); if (IS_ERR(ret)) goto up_fail; @@ -326,6 +331,7 @@ arch_initcall(aarch32_alloc_vdso_pages); static int aarch32_kuser_helpers_setup(struct mm_struct *mm) { void *ret; + unsigned long vm_flags; if (!IS_ENABLED(CONFIG_KUSER_HELPERS)) return 0; 
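Review bot: both _install_special_mapping() calls changed in __setup_additional_pages() (the @@ -197 and @@ -208 hunks) open-code the same pair of statements, an assignment of the base flags followed by vm_flags |= mseal_system_mappings();. A call site that omits the second statement leaves that mapping unsealed with no build or runtime signal. Consider a small helper that takes the base flags and applies mseal_system_mappings() itself, so the sealing decision for system mappings lives in one place instead of being repeated at every caller.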
@@ -334,9 +340,10 @@ static int aarch32_kuser_helpers_setup(struct mm_struct *mm) * Avoid VM_MAYWRITE for compatibility with arch/arm/, where it's * not safe to CoW the page containing the CPU exception vectors. */ + vm_flags = VM_READ|VM_EXEC|VM_MAYREAD|VM_MAYEXEC; + vm_flags |= mseal_system_mappings(); ret = _install_special_mapping(mm, AARCH32_VECTORS_BASE, PAGE_SIZE, - VM_READ | VM_EXEC | - VM_MAYREAD | VM_MAYEXEC, + vm_flags, &aarch32_vdso_maps[AA32_MAP_VECTORS]); return PTR_ERR_OR_ZERO(ret); @@ -345,6 +352,7 @@ static int aarch32_kuser_helpers_setup(struct mm_struct *mm) static int aarch32_sigreturn_setup(struct mm_struct *mm) { unsigned long addr; + unsigned long vm_flags; void *ret; addr = get_unmapped_area(NULL, 0, PAGE_SIZE, 0, 0); 
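Review bot: the new assignment in the @@ -334 hunk writes VM_READ|VM_EXEC|VM_MAYREAD|VM_MAYEXEC without spaces, while the lines it replaces in aarch32_kuser_helpers_setup() used VM_READ | VM_EXEC | VM_MAYREAD | VM_MAYEXEC. Keep the spaced form here so the patch does not change operator style as a side effect. The comment above the assignment explains why VM_MAYWRITE is left out for the vectors page; a short addition noting that the page may now also be sealed would keep that comment complete for the flags actually passed.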
@@ -357,9 +365,10 @@ static int aarch32_sigreturn_setup(struct mm_struct *mm) * VM_MAYWRITE is required to allow gdb to Copy-on-Write and * set breakpoints. */ + vm_flags = VM_READ|VM_EXEC|VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC; + vm_flags |= mseal_system_mappings(); ret = _install_special_mapping(mm, addr, PAGE_SIZE, - VM_READ | VM_EXEC | VM_MAYREAD | - VM_MAYWRITE | VM_MAYEXEC, + vm_flags, &aarch32_vdso_maps[AA32_MAP_SIGPAGE]); if (IS_ERR(ret)) goto out;

From patchwork Wed Feb 12 03:21:53 2025
X-Patchwork-Submitter: Jeff Xu
X-Patchwork-Id: 13971023
From: jeffxu@chromium.org
Subject: [RFC PATCH v5 5/7] mseal, system mappings: enable uml architecture
Date: Wed, 12 Feb 2025 03:21:53 +0000
Message-ID: <20250212032155.1276806-6-jeffxu@google.com>
In-Reply-To: <20250212032155.1276806-1-jeffxu@google.com>
References: <20250212032155.1276806-1-jeffxu@google.com>

From: Jeff Xu

Provide support for CONFIG_MSEAL_SYSTEM_MAPPINGS on UML, covering the vdso. Testing passes on UML.

Signed-off-by: Jeff Xu
Tested-by: Benjamin Berg
---
 arch/um/Kconfig | 1 +
 arch/x86/um/vdso/vma.c | 7 +++++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/arch/um/Kconfig b/arch/um/Kconfig index 18051b1cfce0..eb2d439a5334 100644 --- a/arch/um/Kconfig +++ b/arch/um/Kconfig @@ -10,6 +10,7 @@ config UML select ARCH_HAS_FORTIFY_SOURCE select ARCH_HAS_GCOV_PROFILE_ALL select ARCH_HAS_KCOV + select ARCH_HAS_MSEAL_SYSTEM_MAPPINGS select ARCH_HAS_STRNCPY_FROM_USER select ARCH_HAS_STRNLEN_USER select HAVE_ARCH_AUDITSYSCALL diff --git a/arch/x86/um/vdso/vma.c b/arch/x86/um/vdso/vma.c index f238f7b33cdd..a68919db0ff7 100644 --- a/arch/x86/um/vdso/vma.c +++ b/arch/x86/um/vdso/vma.c @@ -6,6 +6,7 @@ #include #include #include +#include #include #include #include @@ -54,6 +55,7 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) { struct vm_area_struct *vma; struct mm_struct *mm = current->mm; + unsigned long vm_flags; static struct vm_special_mapping vdso_mapping = { .name = "[vdso]", };
@@ -65,9 +67,10 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) return -EINTR; vdso_mapping.pages = vdsop; + vm_flags = VM_READ|VM_EXEC|VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC; + vm_flags |= mseal_system_mappings(); vma = _install_special_mapping(mm, um_vdso_addr, PAGE_SIZE, - VM_READ|VM_EXEC| - VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC, + vm_flags, &vdso_mapping); mmap_write_unlock(mm);

From patchwork Wed Feb 12 03:21:54 2025
X-Patchwork-Submitter: Jeff Xu
X-Patchwork-Id: 13971024
From: jeffxu@chromium.org
Subject: [RFC PATCH v5 6/7] mseal, system mappings: uprobe mapping
Date: Wed, 12 Feb 2025 03:21:54 +0000
Message-ID: <20250212032155.1276806-7-jeffxu@google.com>
In-Reply-To: <20250212032155.1276806-1-jeffxu@google.com>
References: <20250212032155.1276806-1-jeffxu@google.com>

From: Jeff Xu

Provide support to mseal the uprobe mapping. Unlike other system mappings, the uprobe mapping is not established during program startup. However, its lifetime is the same as the process's lifetime. It could be sealed from creation.

Signed-off-by: Jeff Xu
---
 kernel/events/uprobes.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c index 2ca797cbe465..55e0fa21eee6 100644 --- a/kernel/events/uprobes.c +++ b/kernel/events/uprobes.c @@ -22,6 +22,7 @@ #include /* user_enable_single_step */ #include /* notifier mechanism */ #include +#include #include #include #include @@ -1662,6 +1663,7 @@ static const struct vm_special_mapping xol_mapping = { static int xol_add_vma(struct mm_struct *mm, struct xol_area *area) { struct vm_area_struct *vma; + unsigned long vm_flags; int ret; if (mmap_write_lock_killable(mm)) 
@@ -1682,8 +1684,10 @@ static int xol_add_vma(struct mm_struct *mm, struct xol_area *area) } } + vm_flags = VM_EXEC|VM_MAYEXEC|VM_DONTCOPY|VM_IO; + vm_flags |= mseal_system_mappings(); vma = _install_special_mapping(mm, area->vaddr, PAGE_SIZE, - VM_EXEC|VM_MAYEXEC|VM_DONTCOPY|VM_IO, + vm_flags, &xol_mapping); if (IS_ERR(vma)) { ret = PTR_ERR(vma); 
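
Review bot: in the last hunk of xol_add_vma(), `vm_flags |= mseal_system_mappings();` seals the XOL area with no comment saying why that is safe, and the only rationale (the mapping is created after program startup but lives as long as the process) sits in the commit message, where it is phrased as "could be sealed" rather than as an invariant that was checked. Suggest a short comment above that line stating that nothing needs to unmap, move or re-protect this VMA before the process exits, plus a sentence in the changelog on the userspace-visible effect of sealing a mapping that was previously unsealed. mseal_system_mappings() is defined elsewhere in the series and is not visible in this patch, so it is worth confirming that it evaluates to 0 when the feature is configured out, which would leave the flags passed to _install_special_mapping() identical to the old `VM_EXEC|VM_MAYEXEC|VM_DONTCOPY|VM_IO`.
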
From: jeffxu@chromium.org
To: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, Liam.Howlett@Oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net
Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com, Jeff Xu
Subject: [RFC PATCH v5 7/7] mseal, system mappings: update mseal.rst
Date: Wed, 12 Feb 2025 03:21:55 +0000
Message-ID: <20250212032155.1276806-8-jeffxu@google.com>
X-Mailer: git-send-email 2.48.1.502.g6dc24dfdaf-goog
In-Reply-To: <20250212032155.1276806-1-jeffxu@google.com>
References: <20250212032155.1276806-1-jeffxu@google.com>
MIME-Version: 1.0

From: Jeff Xu

Update memory sealing documentation to include details about system mappings.

Signed-off-by: Jeff Xu
---
 Documentation/userspace-api/mseal.rst | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Documentation/userspace-api/mseal.rst b/Documentation/userspace-api/mseal.rst index 41102f74c5e2..1e4c996dfb75 100644 --- a/Documentation/userspace-api/mseal.rst +++ b/Documentation/userspace-api/mseal.rst @@ -130,6 +130,11 @@ Use cases - Chrome browser: protect some security sensitive data structures. +- System mappings: + If supported by an architecture (via CONFIG_ARCH_HAS_MSEAL_SYSTEM_MAPPINGS), + the CONFIG_MSEAL_SYSTEM_MAPPINGS seals system mappings, e.g. vdso, vvar, + uprobes, sigpage, vectors, etc. + When not to use mseal ===================== Applications can apply sealing to any virtual memory region from userspace,
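
Review bot: in the added "System mappings" bullet, "the CONFIG_MSEAL_SYSTEM_MAPPINGS seals system mappings" is missing a noun, and the list ends in "etc.", which leaves a reader of a userspace API document unable to tell which mappings are actually sealed. Suggest "the CONFIG_MSEAL_SYSTEM_MAPPINGS option seals ..." and either an exhaustive list or a pointer to where the list is maintained. The bullet sits under "Use cases" but does not say what a process observes once these mappings are sealed, or that the sealed set depends on the architecture selecting CONFIG_ARCH_HAS_MSEAL_SYSTEM_MAPPINGS; one sentence on each would help, particularly as the section that follows is "When not to use mseal".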