From patchwork Mon Feb 24 17:45:07 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeff Xu X-Patchwork-Id: 13988617 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id AE099C021BB for ; Mon, 24 Feb 2025 17:45:20 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id EBCD428000D; Mon, 24 Feb 2025 12:45:19 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id E442828000A; Mon, 24 Feb 2025 12:45:19 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C6FFD28000D; Mon, 24 Feb 2025 12:45:19 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 9B20D28000A for ; Mon, 24 Feb 2025 12:45:19 -0500 (EST) Received: from smtpin09.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id 51B041A19EB for ; Mon, 24 Feb 2025 17:45:19 +0000 (UTC) X-FDA: 83155564758.09.B5492CF Received: from mail-pl1-f180.google.com (mail-pl1-f180.google.com [209.85.214.180]) by imf27.hostedemail.com (Postfix) with ESMTP id 56D2C40015 for ; Mon, 24 Feb 2025 17:45:17 +0000 (UTC) Authentication-Results: imf27.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=KSa7HKXl; spf=pass (imf27.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.214.180 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1740419117; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=12YXJXd/yEdP4F/xsuPjPUzHYkrMQ/m+SagD7sBuyCE=; b=ECoSnPzzsFaIyi2cBdR/1YalCsuXXKw6+u9F2kJOECtNHhNNKlIB06ZMSPBCx4ig4+sSXt c0jCLHE6+uG+ykm6g1QVpAPOIpcJ3yz14z8y7Wa3p7ofzVqD7dlY8fa1ksVTwDowLodMV2 Skmkc2lnXtPHEtSwK90j5GvNaZOVVXE= ARC-Authentication-Results: i=1; imf27.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=KSa7HKXl; spf=pass (imf27.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.214.180 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1740419117; a=rsa-sha256; cv=none; b=2Szrn08ANlt1OrSWoAVs6+XZrDxybwtNXym85XJCdvSV2NH52nlKkFVcsWg5835VQFL6Fl VzKnxa47Fr4gMT3vkANRG5JsHXpqduxhIuKu+/HZoHTySjtaB9qdtIuR7RJx3oylCUzEHn J/OvbN/X2rOvUWD8n3G9Js6nBolJ8yQ= Received: by mail-pl1-f180.google.com with SMTP id d9443c01a7336-220d27d490dso11075845ad.2 for ; Mon, 24 Feb 2025 09:45:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1740419116; x=1741023916; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=12YXJXd/yEdP4F/xsuPjPUzHYkrMQ/m+SagD7sBuyCE=; b=KSa7HKXlbYqKT2Rwyir3ZHBrzwhuJqCohpyEqKQ3Y8EMVzOJW11NIkVunNptMwh4YD n0qE1X8Z0kqnnU/yOFNcgToPVpJl1/BCGxBeLWJS3+6vPp+wWc1wq9aKz0n0nd3zqBy1 lmr6NB/c7ecSPBz1v7R3m645uhvwyQsKmniew= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740419116; x=1741023916; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=12YXJXd/yEdP4F/xsuPjPUzHYkrMQ/m+SagD7sBuyCE=; b=lvDou7qh0c3PtRJn+CAWihNfgfz74auBA1llLiQqG2iKPAEHWlBAI8Y5nDEBPtVza/ odofBqyJsXr0CCfUHOFVUDcHNO7qUybwtOr5MTvokXP/DC0SE7qpdieCBpRvU4eu+6rd w2EIIusNPTXRhCpGn4n0qWe3WwBysLFFoUDJQsRR9R5yNLjQcDZD3pn1mP6Hl0AjhFyl sHIvX2OK5CdiuCNbIBlkV5VchsGcHjs9WWj1hDekYeDqLxcblxojAJd5Rus3mPjj+ktu kNldRDkAqpVS4tYdELR74EbbdNk8ALE3y+Y8v8Rg8lSUyhYabxw9EKk4ybto0RrE6/I0 DHdg== X-Forwarded-Encrypted: i=1; AJvYcCUQwsBg1GPd/SK4FpS8EKZ1BAwhIAohPK/vwetrvMc7vtB7JVyj9WLHx/Y6m7Za2vqfkvUAJcdahQ==@kvack.org X-Gm-Message-State: AOJu0YzVM068ziS/Pr44hMCZ9BTrmTyB8Cj4xqVUol/xXtb3it5eKuR6 5alft7KRW2jTk1Wi1imgns91cZuo6qFcqOnrr6DCqrYi4+mJt2J/yDiOWd7S6Q== X-Gm-Gg: ASbGncuJQbbYxajS5NYDlsr2VeX2AFf5DPB/5jrWmMg5ZkK/XIF/+4pYFXpxLI/K70U dw/QFdMr+dDDlJjobRbeTZy8HPL4QMISqAhBwxiqAUBjwJjGGL6dFGTE9zckuVJsTr5hzCnt6k3 fUwjgyWzcoDeah//G7+/jInMTaw4vNiUe8iLEdLv26o73YusYOAYxi5G/ZNkWyFet0bi0yClu7x AUEzJ7u+4ti8zE4FWw8F80FZnS7VOg9od6WrE8cvxBQRbj0h3Bf9Nqe5pnZ9+0tBxbJku4ZJWp9 oIXk2Z5X7ADD0JfS7YdcXZpR3SSF+D4TSlI+OEnNKhl+YoR1VWTRYhj7bgW5 X-Google-Smtp-Source: AGHT+IEM10lFU8wtWJoD9BVg2aWh3maIXwfJyL7OUpA65d05St26KsRXtPBtPPG4VoNhMT8Aot7f1Q== X-Received: by 2002:a17:902:e881:b0:215:8721:30b7 with SMTP id d9443c01a7336-2219ffbdfcbmr92049895ad.11.1740419116004; Mon, 24 Feb 2025 09:45:16 -0800 (PST) Received: from localhost (201.59.83.34.bc.googleusercontent.com. [34.83.59.201]) by smtp.gmail.com with UTF8SMTPSA id d9443c01a7336-220d53491d4sm183028425ad.4.2025.02.24.09.45.15 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 24 Feb 2025 09:45:15 -0800 (PST) From: jeffxu@chromium.org To: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, Liam.Howlett@Oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com, Jeff Xu Subject: [PATCH v6 1/7] mseal, system mappings: kernel config and header change Date: Mon, 24 Feb 2025 17:45:07 +0000 Message-ID: <20250224174513.3600914-2-jeffxu@google.com> X-Mailer: git-send-email 2.48.1.658.g4767266eb4-goog In-Reply-To: <20250224174513.3600914-1-jeffxu@google.com> References: <20250224174513.3600914-1-jeffxu@google.com> MIME-Version: 1.0 X-Rspam-User: X-Rspamd-Server: rspam08 X-Rspamd-Queue-Id: 56D2C40015 X-Stat-Signature: r8bi6nkwk6ycoqhg9ueg5yxqusz1uikq X-HE-Tag: 1740419117-543296 X-HE-Meta: U2FsdGVkX18VvQGKNbNo6ZBS5Zwd7zUAobdA5T8l9bJu3EeP27y+RFXzoizXDnUeAc1NpRGqEPUI2b8ajpefMeHHB9E3Cr1BWkYpOi9usOpNp8L2/5hUcWF3Bj8yYdzXss8/5CIgu6Yfa5W7Ytfvr2UBnIaExSnA1JUT/mDHSNTsySRx1kEsgGuNv2Uq2UMMt87ukFiWdYMQ6QGT+UTHadwqboxhhgBLA8EAbZPN6Wy/1J7Wx8fb/apNWT6ld1nNviNe8tuA23+/yzmANSEWgbrCL8U2O+KLZPAokI/QMmVHpMUzeLtWvkRuu3Mph2WJv1ZSmUE3cZh57St2TTgxK7I4WLeBxG5ez5tGBRnWAUK0zipoYG4h9SxfZ3DP1XBZa9Nlt02CThkooqc/TqjV6OEFFkk96ifm7iFNgDMFRLfouJT4IvnTB5qGGjJITyEFKDd2/YYVVqwE3uF6yNvL/nEHncm/0mPmS2xK+D7GaFyHB0wBKG87GnuQK5acvXbpTHlmNP9s++wq+KS6wtO1+qHmfBlPUgS6k3vJx4549LzinIlAVLL7s6b0v0KsopcqSdPm/sAdxqH3fKaUJm1mGAIf6XbSo+HmfU94C43ZZDxZpOoeiUV254VipyO9IHfyWVyXzYndBO6oEEz2W5Vb2TJJUWvwltH+FKO+bctqS5aOFFyf0a8UI2f7elyKBJF19fN27ibgMmJRwBBmJ15DA60SNJa/SSgedcFXZ2ZzGlqHZV0MdNX016rRr+wFNWKCxEA99qjaHY/gNhtae4/tqgRtO3zf+4964gmDut3yCrJspU/u2gowXLQNiO5X25UBDAFGSqz5/OZbVTOJMER0k1TuqjbYodnc+hrv/25xKXEtyJ90WrJ3vXaJle4aELeCSU9j7rb79ykd6srLIShDvR+uwfLWjuf9uJIxuLnSytUUbQ6W7D8T0gliRRlxp2GJkhGbyTLf/ZnMKCtFm93 HP8zGpBA 3O7+h6i7pYr6FH0sZvnL94B+5o8KkWYsi/5rXV2ZbXTPJwev1QujFCNhB+tbY8InIxCnq5iag+EoWHN3QrNcUSH3p26MVypHAX9CilV+yxhbL192aZj3BQ10ZgE6CI3Msi0Of0p4qfmuaXN7Ja6lGt2jC6iAB9+n9FrRiy/cEDHT0SuAts7HNUBIVT07wodE1Y2dLGztDfgxRk6JzhiBysNhY1otTCwc9OD4GNp8amBQ3SBecjHpgcy1K8TE/IPNJq8HtgonS1ZOmlYoc60u8BavvRFLpFui1ZupSui6m87+pF5P1SB2z39FkuOPpQCQq8I7vyjijhuqgk8zqoVr8WjxkNlTGaWXX24cJr8UgUXa8zfDIwGJdLbOy5nUDCLthgW5DNthAdW+/iAeM05a++tVC2scCbOBDGP2L X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Jeff Xu Provide infrastructure to mseal system mappings. Establish two kernel configs (CONFIG_MSEAL_SYSTEM_MAPPINGS, ARCH_HAS_MSEAL_SYSTEM_MAPPINGS) and MSEAL_SYSTEM_MAPPINGS_VM_FLAG macro for future patches. As discussed during mseal() upstream process [1], mseal() protects the VMAs of a given virtual memory range against modifications, such as the read/write (RW) and no-execute (NX) bits. For complete descriptions of memory sealing, please see mseal.rst [2]. The mseal() is useful to mitigate memory corruption issues where a corrupted pointer is passed to a memory management system. For example, such an attacker primitive can break control-flow integrity guarantees since read-only memory that is supposed to be trusted can become writable or .text pages can get remapped. The system mappings are readonly only, memory sealing can protect them from ever changing to writable or unmmap/remapped as different attributes. System mappings such as vdso, vvar, and sigpage (arm), vectors (arm) are created by the kernel during program initialization, and could be sealed after creation. Unlike the aforementioned mappings, the uprobe mapping is not established during program startup. However, its lifetime is the same as the process's lifetime [3]. It could be sealed from creation. The vsyscall on x86-64 uses a special address (0xffffffffff600000), which is outside the mm managed range. This means mprotect, munmap, and mremap won't work on the vsyscall. Since sealing doesn't enhance the vsyscall's security, it is skipped in this patch. If we ever seal the vsyscall, it is probably only for decorative purpose, i.e. showing the 'sl' flag in the /proc/pid/smaps. For this patch, it is ignored. It is important to note that the CHECKPOINT_RESTORE feature (CRIU) may alter the system mappings during restore operations. UML(User Mode Linux) and gVisor, rr are also known to change the vdso/vvar mappings. Consequently, this feature cannot be universally enabled across all systems. As such, CONFIG_MSEAL_SYSTEM_MAPPINGS is disabled by default. To support mseal of system mappings, architectures must define CONFIG_ARCH_HAS_MSEAL_SYSTEM_MAPPINGS and update their special mappings calls to pass mseal flag. Additionally, architectures must confirm they do not unmap/remap system mappings during the process lifetime. In this version, we've improved the handling of system mapping sealing from previous versions, instead of modifying the _install_special_mapping function itself, which would affect all architectures, we now call _install_special_mapping with a sealing flag only within the specific architecture that requires it. This targeted approach offers two key advantages: 1) It limits the code change's impact to the necessary architectures, and 2) It aligns with the software architecture by keeping the core memory management within the mm layer, while delegating the decision of sealing system mappings to the individual architecture, which is particularly relevant since 32-bit architectures never require sealing. Prior to this patch series, we explored sealing special mappings from userspace using glibc's dynamic linker. This approach revealed several issues: - The PT_LOAD header may report an incorrect length for vdso, (smaller than its actual size). The dynamic linker, which relies on PT_LOAD information to determine mapping size, would then split and partially seal the vdso mapping. Since each architecture has its own vdso/vvar code, fixing this in the kernel would require going through each archiecture. Our initial goal was to enable sealing readonly mappings, e.g. .text, across all architectures, sealing vdso from kernel since creation appears to be simpler than sealing vdso at glibc. - The [vvar] mapping header only contains address information, not length information. Similar issues might exist for other special mappings. - Mappings like uprobe are not covered by the dynamic linker, and there is no effective solution for them. This feature's security enhancements will benefit ChromeOS, Android, and other high security systems. Testing: This feature was tested on ChromeOS and Android for both x86-64 and ARM64. - Enable sealing and verify vdso/vvar, sigpage, vector are sealed properly, i.e. "sl" shown in the smaps for those mappings, and mremap is blocked. - Passing various automation tests (e.g. pre-checkin) on ChromeOS and Android to ensure the sealing doesn't affect the functionality of Chromebook and Android phone. I also tested the feature on Ubuntu on x86-64: - With config disabled, vdso/vvar is not sealed, - with config enabled, vdso/vvar is sealed, and booting up Ubuntu is OK, normal operations such as browsing the web, open/edit doc are OK. In addition, Benjamin Berg tested this on UML. Link: https://lore.kernel.org/all/20240415163527.626541-1-jeffxu@chromium.org/ [1] Link: Documentation/userspace-api/mseal.rst [2] Link: https://lore.kernel.org/all/CABi2SkU9BRUnqf70-nksuMCQ+yyiWjo3fM4XkRkL-NrCZxYAyg@mail.gmail.com/ [3] Signed-off-by: Jeff Xu --- include/linux/mm.h | 10 ++++++++++ init/Kconfig | 18 ++++++++++++++++++ security/Kconfig | 18 ++++++++++++++++++ 3 files changed, 46 insertions(+) diff --git a/include/linux/mm.h b/include/linux/mm.h index 7b1068ddcbb7..0e2a4a45d245 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -4155,4 +4155,14 @@ int arch_get_shadow_stack_status(struct task_struct *t, unsigned long __user *st int arch_set_shadow_stack_status(struct task_struct *t, unsigned long status); int arch_lock_shadow_stack_status(struct task_struct *t, unsigned long status); + +/* + * mseal of userspace process's system mappings. + */ +#ifdef CONFIG_MSEAL_SYSTEM_MAPPINGS +#define MSEAL_SYSTEM_MAPPINGS_VM_FLAG VM_SEALED +#else +#define MSEAL_SYSTEM_MAPPINGS_VM_FLAG VM_NONE +#endif + #endif /* _LINUX_MM_H */ diff --git a/init/Kconfig b/init/Kconfig index d0d021b3fa3b..07435e33f965 100644 --- a/init/Kconfig +++ b/init/Kconfig @@ -1882,6 +1882,24 @@ config ARCH_HAS_MEMBARRIER_CALLBACKS config ARCH_HAS_MEMBARRIER_SYNC_CORE bool +config ARCH_HAS_MSEAL_SYSTEM_MAPPINGS + bool + help + Control MSEAL_SYSTEM_MAPPINGS access based on architecture. + + A 64-bit kernel is required for the memory sealing feature. + No specific hardware features from the CPU are needed. + + To enable this feature, the architecture needs to update their + special mappings calls to include the sealing flag and confirm + that it doesn't unmap/remap system mappings during the life + time of the process. After the architecture enables this, a + distribution can set CONFIG_MSEAL_SYSTEM_MAPPING to manage access + to the feature. + + For complete descriptions of memory sealing, please see + Documentation/userspace-api/mseal.rst + config HAVE_PERF_EVENTS bool help diff --git a/security/Kconfig b/security/Kconfig index f10dbf15c294..15a86a952910 100644 --- a/security/Kconfig +++ b/security/Kconfig @@ -51,6 +51,24 @@ config PROC_MEM_NO_FORCE endchoice +config MSEAL_SYSTEM_MAPPINGS + bool "mseal system mappings" + depends on 64BIT + depends on ARCH_HAS_MSEAL_SYSTEM_MAPPINGS + depends on !CHECKPOINT_RESTORE + help + Seal system mappings such as vdso, vvar, sigpage, uprobes, etc. + + A 64-bit kernel is required for the memory sealing feature. + No specific hardware features from the CPU are needed. + + Note: CHECKPOINT_RESTORE, UML, gVisor, rr are known to relocate or + unmap system mapping, therefore this config can't be enabled + universally. + + For complete descriptions of memory sealing, please see + Documentation/userspace-api/mseal.rst + config SECURITY bool "Enable different security models" depends on SYSFS From patchwork Mon Feb 24 17:45:08 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeff Xu X-Patchwork-Id: 13988623 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id C42D7C021A4 for ; Mon, 24 Feb 2025 17:45:37 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 06684280013; Mon, 24 Feb 2025 12:45:36 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id F2F7C280012; Mon, 24 Feb 2025 12:45:35 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id D34CD280013; Mon, 24 Feb 2025 12:45:35 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id AC18D280012 for ; Mon, 24 Feb 2025 12:45:35 -0500 (EST) Received: from smtpin10.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id 110FEC1974 for ; Mon, 24 Feb 2025 17:45:35 +0000 (UTC) X-FDA: 83155565430.10.F7F2F54 Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com [209.85.214.178]) by imf12.hostedemail.com (Postfix) with ESMTP id 4B7E240014 for ; Mon, 24 Feb 2025 17:45:18 +0000 (UTC) Authentication-Results: imf12.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=hovR+3qp; spf=pass (imf12.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.214.178 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1740419118; a=rsa-sha256; cv=none; b=tqyxwRgBKXLNnAyKXoWD0BP0ViA5hfPQnrKMPFpouE34IIBcv6smIdmqT1eePq7w/YtaDc +FPioiLIKab6Idti+vJfLgEHGYrZW11x2+AJ0A1uGAnxcQ+EP+jkFqUFslIsBtcUn78OsH gVp+6gSEUJHBgdMq+87DqC2A/p7KgmQ= ARC-Authentication-Results: i=1; imf12.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=hovR+3qp; spf=pass (imf12.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.214.178 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1740419118; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=xOuDnv83CpzU9+Is9rRk+mGWBAWQzFMYMR0kufccTA4=; b=BipSpw6KUNduLftYjzGglA8rxO2Mapd/2S7fgvMWWkvK0ikHKaEFSrFGjn+Jki1ttBV9OK jmVKemicGkW/p5Vh3FOrid9U945/gDEsJbhAL8cnGbMin7LIYN5HB6/m0NBsfoVs8dW4Rz T+x3kd04KUxL5Rp9t5ZBkyTD0kSaFTU= Received: by mail-pl1-f178.google.com with SMTP id d9443c01a7336-220d47b035fso10721105ad.1 for ; Mon, 24 Feb 2025 09:45:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1740419117; x=1741023917; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=xOuDnv83CpzU9+Is9rRk+mGWBAWQzFMYMR0kufccTA4=; b=hovR+3qpWFgUVkPegkxTROo9ZjqKb+oJ4tXN3hS2SQQpDLCmSdx5m+u3aj2I6u9LrW RLOAtxLMeW4e2Qv7Q9zrieyzWzI8dW1yyvI/gvFM18gwRl7JbQv+i0Uz32mmAUwWZFjw o49GxbeMNOqWhobsSYuIZ0VlU6K3bgDToIZH0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740419117; x=1741023917; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=xOuDnv83CpzU9+Is9rRk+mGWBAWQzFMYMR0kufccTA4=; b=v91TkfYfRSX4iWtgpH4wpBvVsYMcF6X9f+ebNh7PToMbR7jsMQkV9HMy0maqN5Z8vj 6oh8qX1eCFkJRcf2WfaPSwJXvztazV26vwwJB2ogoCi+dpkGFZl5felPx6Zm2KErP4/k V7i2i3q4tvm5+yqJWk0N7PW50lfjf8n5t0g6pgbzi6xKp6+6LmN8UgHLuSwNzMO76FIp jB/dLFW6VQ71m1e79Q4iPZP39sBHf6Ua0xnGak/eV74lYToQ+0yFBvw70qafrWdIzNxq XOaKbz8TYA6nLfOO3BPdFR3UaSMDPcqupK3s2XoIH5cC6ZiXmfPeYWbHrHhPRgb9RwBQ 1l+A== X-Forwarded-Encrypted: i=1; AJvYcCWqkI0SzWOxCzP/vmNO1XCCzEwdjckIpCnz/iewcadWscMXYTBjumCNOI4tT0JdM06glLplTyo/ZA==@kvack.org X-Gm-Message-State: AOJu0YzD8WVAN/hd8OD9sQ1Cf4nSmzZHVI31U45MI9k/FbWQbxHmpaiG LWP4qAt1aV5yxBtAn2kp0csLi6tHUX1DuCT4wv2w/FGe2ZoMWdJ9CNYIJH0A3w== X-Gm-Gg: ASbGncuEMmrtx/iZCt0eDyjJ+wTLCaWYJb52G67Ld0DblE6GcRTccJpXnTtSShM6Q1N 899zWZY2ej9lKLfJTedqORXrcj5oypOUaocL3VqVG/Nl5r+0dV3wsL0uO16xvG7+4u1syhPM9cz adRoVdBi2c/PmjFhtHGSYe7OnmHFQ7TNSzF4sERkIzMOQJ6FTH1MbrFbc/ecCrL9ct2MXyqMawx hJ3de6l5GSrQ94spxPlliaroZX0juzDUOu3PyXiRp8vqWx0fmBxaj2R68nBYpS96VbZJWOdZS1e 8z9Qg4aH4hPVearQ9jcBDsk3qL5hNIcpGbN85GfpiKUMIYHv7iE2Fp4E391i X-Google-Smtp-Source: AGHT+IEeYZ54rRUbGdZQIOlhhcGLgC+WoktvweDeP2f3Op4uks5fDxTwn3C0YXbJAivdUXc4ZCp44A== X-Received: by 2002:a17:902:d4cb:b0:216:1d5a:f348 with SMTP id d9443c01a7336-2219ffc3d7amr90719385ad.11.1740419117182; Mon, 24 Feb 2025 09:45:17 -0800 (PST) Received: from localhost (201.59.83.34.bc.googleusercontent.com. [34.83.59.201]) by smtp.gmail.com with UTF8SMTPSA id d9443c01a7336-220d5349634sm180515125ad.31.2025.02.24.09.45.16 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 24 Feb 2025 09:45:16 -0800 (PST) From: jeffxu@chromium.org To: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, Liam.Howlett@Oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com, Jeff Xu Subject: [PATCH v6 2/7] selftests: x86: test_mremap_vdso: skip if vdso is msealed Date: Mon, 24 Feb 2025 17:45:08 +0000 Message-ID: <20250224174513.3600914-3-jeffxu@google.com> X-Mailer: git-send-email 2.48.1.658.g4767266eb4-goog In-Reply-To: <20250224174513.3600914-1-jeffxu@google.com> References: <20250224174513.3600914-1-jeffxu@google.com> MIME-Version: 1.0 X-Stat-Signature: 9rb3hg4wb65afrngnac1srcb66y5wasa X-Rspamd-Server: rspam06 X-Rspamd-Queue-Id: 4B7E240014 X-Rspam-User: X-HE-Tag: 1740419118-277441 X-HE-Meta: U2FsdGVkX18b23VlsQVRn2gNLdpAqi4Ud9A2NYg/SAVlAXlN6MlLq+FfIDU4qURz+iVdVN53R9XcdfnZxlTMU97GSmkjGF4oWN8Z/UeH7kzq7jXjKu40cuIsmuT2kcTJl1S+5lU26M4tV7FNi3DpeVMSp0VZ3/SLMe7Lmw+rw+Aehs6lGgIKhmG8hOI0zzIvhmts02QzeWFg1tl5pNhWImZRZ87Yq4Y2cy+U0st7xaLMxuwHkPt7O1nvrhimUva8iFmrdrFtm4P50vOpelDO0m9xx8Tm02Oiku8VWVMvburG2USr19Xnlr8MS/fnNxMJQTAoul3WhLQFBwqq+n5+vrFsd+FRKrOLMtTVJ5GKT18/Z5xVmvnyUP81uoKsu0BJlmvjzMTOB9VGmO2AbMXhOzvWWqDuv9wpyehuPDDtndkeyyqTOodIEafYjNSLbkvQ5BH33eJENq+e5/wmkfx+sXA1MZfbuGg1s4uzbktW1UoWlMqIwRhvzfRC2NM+1p62fwBlcOSGsDErBPCbBVdCguhYzIEwzhmVqO/r6ovHyA4cJKEo9QiYQphJLwcs9oAr0uZFdBAIkLOi4o2oasSIi0vQLhipbxGfpRWShfq4f3/Vw4panuVTcXqCbwoSVNTWwrklnkC5r0gi2l43Y78GErqSE+MS0+yKr3iBBeV6aUjSnhjWYweecMlGa6ha8CpQpdHQUnCDl1ayCPSMOeOOWt56VNkf9L8tfy17LuPc5/5ADKi3rsjRGhFZ5Xh+eiTyMCzu7MdJXLlTPePhGcRMUrYtvn91oZxxpcqv/G/3HYoewKTNKdpB2cnpjSAD09XCAC4mbqGqMs3ECdJXm51fMuIvp3nyGke8MWENf2zZa2AE8HGyOM+ShV9wqi10h954MgtacMnsxUruGo3DL/YWYJjKkGf56PUqlFIt+eumFruqfQAg5muhaJXxZFWZu8iRCTAbWygGYdG88PUqLzn qkIrlmtv XapN7Q8jS/gqHXUfS6Uf1r9MmIr04MfP5MjG1RNz7tbGf2eTHkUEo7dcOSfo2l5yuoE4HkaxuV8J4BLwy4Hf/cZX4ifXLJKXbS5iCg8bzERZFTkINz6MHE7LrMGB9rIRlBhqSdrGIu6oiUrfsxtI2kMAbd0jQW07/j/i5qFrNGoS1kbBFIuUSdEYGOb0t7qGlDIMBSP0gSO0lfd1anefs6Ig0omB9eG9ca6w5iqlXJL+An7HFbNjoqlx7osvMhISqO/eEPdeihBEi6p1c9HOTq0x3ygrhr59AZIexbD/5b/pvCqpf/g3Tofb5n8k3UKYvPQ9Wjn4NPBo9p5888d9QMeyNbhNgNQiFSvQUZs1Dsl4PGNbwN9KUuGQof7SVnyuS74XNs378MqQQZLCBR5L0f9K6wX3m0cZBksESt2v66CMS+1n4vzNwUv2zgp0Ft7hQKLdnfdZP02SFf3Q= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Jeff Xu Add code to detect if the vdso is memory sealed, skip the test if it is. Signed-off-by: Jeff Xu Reviewed-by: Kees Cook --- .../testing/selftests/x86/test_mremap_vdso.c | 38 +++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/tools/testing/selftests/x86/test_mremap_vdso.c b/tools/testing/selftests/x86/test_mremap_vdso.c index d53959e03593..c68077c56b22 100644 --- a/tools/testing/selftests/x86/test_mremap_vdso.c +++ b/tools/testing/selftests/x86/test_mremap_vdso.c @@ -14,6 +14,7 @@ #include #include #include +#include #include #include @@ -55,13 +56,50 @@ static int try_to_remap(void *vdso_addr, unsigned long size) } +#define VDSO_NAME "[vdso]" +#define VMFLAGS "VmFlags:" +#define MSEAL_FLAGS "sl" +#define MAX_LINE_LEN 512 + +bool vdso_sealed(FILE *maps) +{ + char line[MAX_LINE_LEN]; + bool has_vdso = false; + + while (fgets(line, sizeof(line), maps)) { + if (strstr(line, VDSO_NAME)) + has_vdso = true; + + if (has_vdso && !strncmp(line, VMFLAGS, strlen(VMFLAGS))) { + if (strstr(line, MSEAL_FLAGS)) + return true; + + return false; + } + } + + return false; +} + int main(int argc, char **argv, char **envp) { pid_t child; + FILE *maps; ksft_print_header(); ksft_set_plan(1); + maps = fopen("/proc/self/smaps", "r"); + if (!maps) { + ksft_test_result_skip("Could not open /proc/self/smaps\n"); + return 0; + } + + if (vdso_sealed(maps)) { + ksft_test_result_skip("vdso is sealed\n"); + return 0; + } + child = fork(); if (child == -1) ksft_exit_fail_msg("failed to fork (%d): %m\n", errno); From patchwork Mon Feb 24 17:45:09 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeff Xu X-Patchwork-Id: 13988618 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8BA8DC021A4 for ; Mon, 24 Feb 2025 17:45:23 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E716A28000E; Mon, 24 Feb 2025 12:45:21 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id DF72928000A; Mon, 24 Feb 2025 12:45:21 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C266428000E; Mon, 24 Feb 2025 12:45:21 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 9B71728000A for ; Mon, 24 Feb 2025 12:45:21 -0500 (EST) Received: from smtpin04.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id 402001619B2 for ; Mon, 24 Feb 2025 17:45:21 +0000 (UTC) X-FDA: 83155564842.04.DB7DBE0 Received: from mail-pl1-f177.google.com (mail-pl1-f177.google.com [209.85.214.177]) by imf20.hostedemail.com (Postfix) with ESMTP id 502B51C0006 for ; Mon, 24 Feb 2025 17:45:19 +0000 (UTC) Authentication-Results: imf20.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=hrCVAA09; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf20.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.214.177 as permitted sender) smtp.mailfrom=jeffxu@chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1740419119; a=rsa-sha256; cv=none; b=ynvj39NYr+9J7NzY8jJ3hZvY59XmvBIYQY9oGNwMpgU+ZFttsmXlrj0DhPrf3kWhi2bnb5 Vm/N+4uCs5vzK/X5OohQUHbgr+tyYdEj6opxgfI8f3NesHyTJlpSw19WE2EwdPYDKQQaKr +6o3ROUX8yhzoXrjTaYgB3NFsqdVYwE= ARC-Authentication-Results: i=1; imf20.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=hrCVAA09; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf20.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.214.177 as permitted sender) smtp.mailfrom=jeffxu@chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1740419119; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=X21CnZpPkRdzfQTLm/xqoLd+RlCmfK8svSgo70Yr8/I=; b=W8gt7QGNJBAtIAW7Dh+LRH9XDcZma+8vi85uztUUxvPQAO2+Dt5+ko+9Qohe/Tbt9XacGJ z66msT1+DfdHxSJnWc/VzN9A+EtOjepjprc4/uiwuubg4BkJ3PUUPon9GU7o+xz/y1lKx0 K/fbmn+flAH0v7xniDmY/QIMOWMtbRI= Received: by mail-pl1-f177.google.com with SMTP id d9443c01a7336-222def4189aso2676005ad.0 for ; Mon, 24 Feb 2025 09:45:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1740419118; x=1741023918; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=X21CnZpPkRdzfQTLm/xqoLd+RlCmfK8svSgo70Yr8/I=; b=hrCVAA09IUtFLnwBPY2cmFRG6199DaNR0iHq8WEWCaCsC0AlVJ/0sMmnz5T2OBolNL CxOVNS920bw3ak+GeTGQbumzS+NsJagHHMnWxNZEvl0a4pilWeN0kCsZkp4kxOpPGrvL 321G0jdsa93vQkDx9Fz/fDgq7ojc5w//Oei6Q= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740419118; x=1741023918; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=X21CnZpPkRdzfQTLm/xqoLd+RlCmfK8svSgo70Yr8/I=; b=kAdWh3XYHvCxSI3mQOIFbCm+P0F9d7gGB5eKVrAmYcRCn0c22biytCLRKzVfpSH3+y fjzfoJASr8lWdjV1APYl/VCXPhMLxwfq8T6der7t48LQEmON62kOeYjBENawqh7M894C zFt5ZtDz5IsM1+DO7LUEM/Hhm9XEnjIRVTWfihCu92/scY4XdWnukfkPvMnEqKFaeLC0 HdV+kV3JYMIB1L64RSXZpe9vBvyLVs+AsMeYnDcImCG78DH6cKERWNw4kDvMmcmSv0UZ 2UTX+a4qJ/uAJH8T5Tgei/JQWu3QVX5Dd61SSA1poUEtF4+O7sSgfQLH9XlrN9fpJAX0 lQvg== X-Forwarded-Encrypted: i=1; AJvYcCX5aGWzIDNF/rdQAr+hdRONrbqxLA0S3KIpo3yqHABXnrh+efIVz0Ep0aNC7EJQXs7bwDM8G7JPcA==@kvack.org X-Gm-Message-State: AOJu0Yzp/Q+S/xaJHT5QvwHmkfmCupsrfkKAsniEGn13lNk9dNcMJ5qW X/y8RjzWFG/r+meNUeXeVv1QO2bAPDpCchHIdGVbsqGfn8aM9g64h+cp3itDeQ== X-Gm-Gg: ASbGncu9sw6Yl6AGPT9CHAZcHo0rQhH2QVNNbvtl6Gm0sn+4ZzU1ghYPstIdTBv6oeG FG+fSUsquJ2Ve+uwnUtNcEbpySIMghJ77MonideLTuswPZEmn95fRz1GiX18cQk6eHsr6L/OoBG LgoBQ1KINZZ3ug2b8CbmyHya/lsWGv4LpQ0lrN1vf/QlVazMozcJTU5S+xl/ldlPMVelj2yXfvf a8yT+wcXqPhUVwmaeOoD6DOpvyIY+qh8J/gVTMA+eBYK2Q8CgOPTV6DC1Em1cV80ZTqk1Kp2vKM L6SGsLqf/6MXF82H11+ZrrwdIThffCpy5nzI8LC/mIazmTPx4hp0bUR5pC6o X-Google-Smtp-Source: AGHT+IEIEwr4JLc08uaTem+ZJWi2exsrefWwA9KhDKMeXGKBmCEayibfQPpqr5pLiU9niDft6DfzOQ== X-Received: by 2002:a05:6a21:999f:b0:1ee:e16a:cfa0 with SMTP id adf61e73a8af0-1eef3dd0ddemr9610048637.9.1740419118151; Mon, 24 Feb 2025 09:45:18 -0800 (PST) Received: from localhost (201.59.83.34.bc.googleusercontent.com. [34.83.59.201]) by smtp.gmail.com with UTF8SMTPSA id 41be03b00d2f7-adb5a92c6d8sm19248497a12.65.2025.02.24.09.45.17 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 24 Feb 2025 09:45:17 -0800 (PST) From: jeffxu@chromium.org To: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, Liam.Howlett@Oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com, Jeff Xu Subject: [PATCH v6 3/7] mseal, system mappings: enable x86-64 Date: Mon, 24 Feb 2025 17:45:09 +0000 Message-ID: <20250224174513.3600914-4-jeffxu@google.com> X-Mailer: git-send-email 2.48.1.658.g4767266eb4-goog In-Reply-To: <20250224174513.3600914-1-jeffxu@google.com> References: <20250224174513.3600914-1-jeffxu@google.com> MIME-Version: 1.0 X-Rspamd-Server: rspam02 X-Rspamd-Queue-Id: 502B51C0006 X-Stat-Signature: 6yw9fnqhoreuugteranp6999cnd4m7cn X-Rspam-User: X-HE-Tag: 1740419119-606666 X-HE-Meta: U2FsdGVkX19Gd+ervabIyPmPZPy7S3USDVzoP3d59Bgsr6MfDuYizddY+PKm73Xg7DgFezC/A6NxAthzokARHrjSIVpGBII5lL5ODwpjYCYUcMigi5BoLvvtWwqNG8HBUM6aFW0TLKM44BdI2pCN8IIiAV8PJ6Bd8ZMtKffGDjoDmjltv26zpuVFgw+3YSudcxLSUlK8nEWZOr89DGf8lrJENYM2MWVnILxCz+mxkD+EwER+SAI92H7jHvqztLgrFJC92IvoeB32JzVis6AHDXvIVJUYWY14AAeNN/DubwaXvDItQaSaLHMDe43jertzZchO/a7qXIvKbSgOql10/UyC8UK9fMfJRmJCN17A/3NKsUg/bozNDIJsnRPbo3SjJO7AUB5mhUo97RzM4e/2ut9GBoJVm4sZ9RHfxbybcLLe3XyPXQ276P9eH+2lJp7UMZ9UB28nGmrsVv6WEmf/h+dfi7fPBmEa+VPkIX8NJ7Wy5PAvfdyGDPn1X4CnAvWGtTtcZmSRpLWuTOTkOjrbI9QBV4J3o4ItHBuJ0InxrwBZupo3FH+rBsMBLrhn81U0Y8YmruvtDWMOHX5swDi+JG/lcRERO8LG+mjqEib/uQa+GgaOs97uIxH+rp8k4aD8kJHBia59kXgUckbguvQXH+zzXxQ7fBTh/udyvFmyn1bh8bOdKKS+wvlsaCvgGp6/+6tdeMEipsV6+DjIB3d/CbB/qDnrMeozoZb9vSEkcdD3l100UZIWyj4i4xJ4mhHlpXsodRDWSFjgCKjNKwABOCVj3KowF55j5gkL++xN3yWr3MZ7P1nQ3BTHhaqomr1oz3PqEM3J/0Rcej2NgEVThfv7suzCuiM4u3TkIbrWsEu7S+B4skt3hq5I40Y9vSLN9vqT2U8AgscCeMoQY1GuBJaQagy+VClYZQKWrKRnuqhWld8hv2eW8K/LVHAbfGUN+ct+/T2eITQF3E4K7l8 4zdzNNPj EFLgtDgRckJCzJSiesjwOqWBlj0NFO+LUMRt3Ow6MB2MuGEHR5xTmaMEvyQY4RPoE+kpPp5WKIxwShl4DtBkggqbTrgohT88zu59tFwNnAaD1mXaE5B3h2F9Dcwqkc7y9mvFsgI6JRQtR8Nq+WeNEdsBfh6LDLSY4/FEYstMQ62OpN29+Mn0ED+tEAyhbEVB/4cvEJuT5u+c8x6Q/v+S+jwbNG7erTB+kwajMUuYr46Jpu1nl+dT9cyPI9VeEDgeUCrXoazsX7HXvaHl3mly2hzFys4JYGwCkbVtWS/JOta2ezwhs2HCxCtyuk+yNWZ0SUmQolwpD8U6iQtyzAKjKPtrue/53Og1A/7nPFY4ycX8mHw9zkoFoYCIOgQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Jeff Xu Provide support for CONFIG_MSEAL_SYSTEM_MAPPINGS on x86-64, covering the vdso, vvar, vvar_vclock. Production release testing passes on Android and Chrome OS. Signed-off-by: Jeff Xu --- arch/x86/Kconfig | 1 + arch/x86/entry/vdso/vma.c | 16 ++++++++++------ 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 87198d957e2f..8fa17032ca46 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -26,6 +26,7 @@ config X86_64 depends on 64BIT # Options that are inherently 64-bit kernel only: select ARCH_HAS_GIGANTIC_PAGE + select ARCH_HAS_MSEAL_SYSTEM_MAPPINGS select ARCH_SUPPORTS_INT128 if CC_HAS_INT128 select ARCH_SUPPORTS_PER_VMA_LOCK select ARCH_SUPPORTS_HUGE_PFNMAP if TRANSPARENT_HUGEPAGE diff --git a/arch/x86/entry/vdso/vma.c b/arch/x86/entry/vdso/vma.c index 39e6efc1a9ca..54677964d0b5 100644 --- a/arch/x86/entry/vdso/vma.c +++ b/arch/x86/entry/vdso/vma.c @@ -247,6 +247,7 @@ static int map_vdso(const struct vdso_image *image, unsigned long addr) struct mm_struct *mm = current->mm; struct vm_area_struct *vma; unsigned long text_start; + unsigned long vm_flags; int ret = 0; if (mmap_write_lock_killable(mm)) @@ -264,11 +265,12 @@ static int map_vdso(const struct vdso_image *image, unsigned long addr) /* * MAYWRITE to allow gdb to COW and set breakpoints */ + vm_flags = VM_READ|VM_EXEC|VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC; + vm_flags |= MSEAL_SYSTEM_MAPPINGS_VM_FLAG; vma = _install_special_mapping(mm, text_start, image->size, - VM_READ|VM_EXEC| - VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC, + vm_flags, &vdso_mapping); if (IS_ERR(vma)) { @@ -276,11 +278,12 @@ static int map_vdso(const struct vdso_image *image, unsigned long addr) goto up_fail; } + vm_flags = VM_READ|VM_MAYREAD|VM_IO|VM_DONTDUMP|VM_PFNMAP; + vm_flags |= MSEAL_SYSTEM_MAPPINGS_VM_FLAG; vma = _install_special_mapping(mm, addr, (__VVAR_PAGES - VDSO_NR_VCLOCK_PAGES) * PAGE_SIZE, - VM_READ|VM_MAYREAD|VM_IO|VM_DONTDUMP| - VM_PFNMAP, + vm_flags, &vvar_mapping); if (IS_ERR(vma)) { @@ -289,11 +292,12 @@ static int map_vdso(const struct vdso_image *image, unsigned long addr) goto up_fail; } + vm_flags = VM_READ|VM_MAYREAD|VM_IO|VM_DONTDUMP|VM_PFNMAP; + vm_flags |= MSEAL_SYSTEM_MAPPINGS_VM_FLAG; vma = _install_special_mapping(mm, addr + (__VVAR_PAGES - VDSO_NR_VCLOCK_PAGES) * PAGE_SIZE, VDSO_NR_VCLOCK_PAGES * PAGE_SIZE, - VM_READ|VM_MAYREAD|VM_IO|VM_DONTDUMP| - VM_PFNMAP, + vm_flags, &vvar_vclock_mapping); if (IS_ERR(vma)) { From patchwork Mon Feb 24 17:45:10 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeff Xu X-Patchwork-Id: 13988619 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4FF87C021A4 for ; Mon, 24 Feb 2025 17:45:26 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 12A0028000F; Mon, 24 Feb 2025 12:45:23 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 03BF428000A; Mon, 24 Feb 2025 12:45:22 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id D81EC28000F; Mon, 24 Feb 2025 12:45:22 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id B65FB28000A for ; Mon, 24 Feb 2025 12:45:22 -0500 (EST) Received: from smtpin06.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 7B80A1C8CD5 for ; Mon, 24 Feb 2025 17:45:22 +0000 (UTC) X-FDA: 83155564884.06.341BC7B Received: from mail-pl1-f171.google.com (mail-pl1-f171.google.com [209.85.214.171]) by imf23.hostedemail.com (Postfix) with ESMTP id 8F0D2140017 for ; Mon, 24 Feb 2025 17:45:20 +0000 (UTC) Authentication-Results: imf23.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=l+44w9Tq; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf23.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.214.171 as permitted sender) smtp.mailfrom=jeffxu@chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1740419120; a=rsa-sha256; cv=none; b=0kcjnzbYkGic8rGOVJe/w5VwAw2czFhwhgIxDRvlV4reJH5gMDj5EgksAz/5+Q4uF0QR3C r4G9LtNPiSmFww/tjobeZznnqeH2vXJkKA/4hG7STx+k27AsE6R6jHL3fqRP/pLWmfEtJT hjJ0qnZKS+0GEAU2Ttcqwl9Xpq9OyeA= ARC-Authentication-Results: i=1; imf23.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=l+44w9Tq; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf23.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.214.171 as permitted sender) smtp.mailfrom=jeffxu@chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1740419120; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=83PJNkO9JARY6UfrwtNSh9B3t1cYA+bhOuyhuOOAsAw=; b=0ScwX4nNFYVmUUB+//iSoEKMTAqTD3p2wmWpb0LScTEPLLovkk6IbZPGzBafOKY0RLisNO qYliFerUMoQwx5AMhm1h/EOJKW+RCcH1j1F8kIdBIIovSaNq/uHpE6w/B2qtjqtnAiESy2 2gjO+3U9jDYq2qO0lWIGFft9t2bdvGE= Received: by mail-pl1-f171.google.com with SMTP id d9443c01a7336-220c3e25658so11171755ad.1 for ; Mon, 24 Feb 2025 09:45:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1740419119; x=1741023919; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=83PJNkO9JARY6UfrwtNSh9B3t1cYA+bhOuyhuOOAsAw=; b=l+44w9TqMgF8zhVVFBq6aeyS3gccR2SVf76+FWD33PxFo+03Wub+Uy+HlATx1624Gy pvTS/tx2l6q0OxElkmTorHkz8nkJTtS3frVqKkxjOvIMSErVphX2j9koEzi3038Ykt4z YdpwikMJVbze9vVWahjlXbmbumCCrjkUPHQgU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740419119; x=1741023919; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=83PJNkO9JARY6UfrwtNSh9B3t1cYA+bhOuyhuOOAsAw=; b=a+LxMaycpljPkYbJ5ODZmfHuo9ie4hTxXs7xAYJVBznccJxzAfOO+jQX0sE9SLTyI+ AjG04xYt01KtR6AISVtMtTsSc+gRKqPSTbLVVUAmqbcxM5vFREE+mt2VlJpU6vxkAjSp rsrSMdqJngBIIgDxXY8frSe8I6ITEx09nvQarY76AjHMM9zuXO3hU6ICtnqe1KT3WxmW cgTkvRG9M0TyK6xqTZCsbw7OXxrtupp7eHKOa7BqlvvHiZKYHd0FBul9I/f01UoQQDAt 0zU6w16EciFY+xJeza4TUNg8FVtysul0i0aVlbMnd745HMP3ckjIAeHqWAWr/tsII3dV 4zqQ== X-Forwarded-Encrypted: i=1; AJvYcCU6Os/01LljJQMfeO99ezvwHa9zAwr4TO2Q8zYOzJu36fYj2lEpHHHwHNI2p0ZIh74ga+/ZSGeJYQ==@kvack.org X-Gm-Message-State: AOJu0Yx3tjRZmH/qmuP14m1WZ6Ii+7aI8m6A4vLuFkpjA60aZFUAdw1h upbl2oovUyoOAJK240uOGU0vHT4YYjE+K4omBakQAH9xnEwWF2FUKI0ilAKHKQ== X-Gm-Gg: ASbGncuWlu/dnZHfBiSabvIpNnuzPsS6DhlzQjkuvMWHQO4k4EHTRNBpcwECsMofioC c4khvuz3uHI6eotXHSB7zsPSLUajevYc/1xytm3bKV7gI0dAhDS3Caejg2od7nB+20yXRXpm+ie C9KB2xuDgAy2UWvAzL9WPS92kVTFm4RjeRR+oBo2H61J2IgbOxYYRxJR3bVB12Du/pc7JSG7mds Xu51rVbN/sBaa0jWSAmruFjqmdTsx2cZQmcedwcbJN+7msAltdQeuXfUA7F/0+DDhQS59MjFWmZ XgwXOdRCocdVJoukgLzAvu+My/VNLlaHb84SweDQ6HdTsJ8BsBqs9kGb9emi X-Google-Smtp-Source: AGHT+IENcuh0GalF98aZHKN5+tl8yLBoqJnSu897mR97ZSdm7iKR5lpyIJSzEx3gH73SJaU8KQn4bw== X-Received: by 2002:a17:903:22c6:b0:21f:f02:4154 with SMTP id d9443c01a7336-2219ffe0dbdmr89037615ad.11.1740419119262; Mon, 24 Feb 2025 09:45:19 -0800 (PST) Received: from localhost (201.59.83.34.bc.googleusercontent.com. [34.83.59.201]) by smtp.gmail.com with UTF8SMTPSA id d9443c01a7336-220d55850f5sm180508385ad.208.2025.02.24.09.45.18 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 24 Feb 2025 09:45:18 -0800 (PST) From: jeffxu@chromium.org To: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, Liam.Howlett@Oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com, Jeff Xu Subject: [PATCH v6 4/7] mseal, system mappings: enable arm64 Date: Mon, 24 Feb 2025 17:45:10 +0000 Message-ID: <20250224174513.3600914-5-jeffxu@google.com> X-Mailer: git-send-email 2.48.1.658.g4767266eb4-goog In-Reply-To: <20250224174513.3600914-1-jeffxu@google.com> References: <20250224174513.3600914-1-jeffxu@google.com> MIME-Version: 1.0 X-Rspam-User: X-Rspamd-Queue-Id: 8F0D2140017 X-Rspamd-Server: rspam12 X-Stat-Signature: s8apang86gzn54tkqnsu5kw79zrpjmec X-HE-Tag: 1740419120-367742 X-HE-Meta: U2FsdGVkX194fHc/JVk0R8+LWoh3/uvhA7e1fnH6fT47JjNBZBeRkPZ/3DqjRpCd/qWJPDF76n0tAFlxIg6OHO80gVC0nYf5gwgWKvivVDL4+sewdOIkn95FEgv5CvLEECDLZtRorGTgpHT2EFhXtEstPSC/Ym+D/35b4mKYSHrVwE3D9ziPO+wBx1wd2MBYXwZx+/yUAZXhxIPXIyApiCa3csB96e2iPdXBiWTQYy2ZsDsYUkb8cyrB/gi2MJsCx0Wo+NejfX6K/vRa0YgiN2mBrfFtTti/JlWckH2Ffj17XZZEaOYkHR/HB24hpxi5Zfki0W9hXJaGU2VIpZEGbcgH5q/3Jn20Ms9lJSb6dESOC6hqYsffZGuFyjBItfW4t1jQrhELHH4WPOvH++09UZJfpff2MdS0el5dcMJn7ZvArWvDg81Mz+tVT9H9dqtNTvtIc9c9y/1AntCrg/COH+K9gYpniyWD8OTIxxU8fuyHjlHiF86n/WFmwxmiNa2ed8VdXtmiF8b2gcLe7dbu2IPfIMRTcuIJ7IgKdqlXvBFLjIw28tglBBs3vnNo9rgIsRpItWfd1xgwiqKDDVkSpv4u+Iw0hlQPDEuJ8c0kGQ9K7wR8w4qRfEProyFMzZMfHrUApA0LdcRwCu5ZqXes+DS64Z1050WeBS3Xneh91RtDx2Y02wEpe+vHI1TzDUmaowYk2eJZG8kTctzb/sQDCObWHqcvxK9CqTaCAGcb0zLhJ+gWjs3KcfcJeFLXb8C1cXccl0byoR8JPEHmryt+A3jLvHjHC0dYw8UfOa8ICBfibBGk4ziPAv6Yd3eaJCR8xaME0auguPDwunRTXZdsK3/EMWSFFb/mW1uiTczFzeZtgUt3LnDoPgzrJlLG5atk/h6bsc1rvUpcj5SS7u3oARTgj8qy6ewXbwPyTekm4gIiMnrxn42M8BHfk6WFxIbdYqLvbjznVlqOmwBMaN+ VeaKOtcd lFp0panUvNv4cmvPfiFjSw9oguZoiqyI3wQCfX/qL6yhtXbc9rKv52I8LIu3F2V5nDWToeu7uz5FiBv3BvvSmayhKEFFych3//jfc16Z0Fh4POd3WQZff7PCfLHTcrGsQ6R1BS9MsoFv3Yt9HyQPc7mjDOqhYVY4fTLT3P1P3GQwO2nrmQ/eGDGKdwq4HRNgL2kDL9pruFafxB7zh6o8Xl/TvNPTkfOj2rVffdBqXsua3PdUc9PnCRwHGr3CFgRbk0o7pspip1f8D3KtIEIQX+VGEaOauBmOqUQjPIJCrmjjc/M3EUJWWJTpHk3zFFn1A68NoLZ67en7k8nQnBOxvmCJNUUtb/qek6BEiA3WlPZC40RwB+U0LJEZRFg== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Jeff Xu Provide support for CONFIG_MSEAL_SYSTEM_MAPPINGS on arm64, covering the vdso, vvar, and compat-mode vectors and sigpage mappings. Production release testing passes on Android and Chrome OS. Signed-off-by: Jeff Xu --- arch/arm64/Kconfig | 1 + arch/arm64/kernel/vdso.c | 22 +++++++++++++++------- 2 files changed, 16 insertions(+), 7 deletions(-) diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index fcdd0ed3eca8..39202aa9a5af 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -38,6 +38,7 @@ config ARM64 select ARCH_HAS_KEEPINITRD select ARCH_HAS_MEMBARRIER_SYNC_CORE select ARCH_HAS_MEM_ENCRYPT + select ARCH_HAS_MSEAL_SYSTEM_MAPPINGS select ARCH_HAS_NMI_SAFE_THIS_CPU_OPS select ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE select ARCH_HAS_NONLEAF_PMD_YOUNG if ARM64_HAFT diff --git a/arch/arm64/kernel/vdso.c b/arch/arm64/kernel/vdso.c index e8ed8e5b713b..fa3b85b7ff01 100644 --- a/arch/arm64/kernel/vdso.c +++ b/arch/arm64/kernel/vdso.c @@ -183,6 +183,7 @@ static int __setup_additional_pages(enum vdso_abi abi, { unsigned long vdso_base, vdso_text_len, vdso_mapping_len; unsigned long gp_flags = 0; + unsigned long vm_flags; void *ret; BUILD_BUG_ON(VVAR_NR_PAGES != __VVAR_PAGES); @@ -197,8 +198,10 @@ static int __setup_additional_pages(enum vdso_abi abi, goto up_fail; } + vm_flags = VM_READ|VM_MAYREAD|VM_PFNMAP; + vm_flags |= MSEAL_SYSTEM_MAPPINGS_VM_FLAG; ret = _install_special_mapping(mm, vdso_base, VVAR_NR_PAGES * PAGE_SIZE, - VM_READ|VM_MAYREAD|VM_PFNMAP, + vm_flags, &vvar_map); if (IS_ERR(ret)) goto up_fail; @@ -208,9 +211,10 @@ static int __setup_additional_pages(enum vdso_abi abi, vdso_base += VVAR_NR_PAGES * PAGE_SIZE; mm->context.vdso = (void *)vdso_base; + vm_flags = VM_READ|VM_EXEC|gp_flags|VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC; + vm_flags |= MSEAL_SYSTEM_MAPPINGS_VM_FLAG; ret = _install_special_mapping(mm, vdso_base, vdso_text_len, - VM_READ|VM_EXEC|gp_flags| - VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC, + vm_flags, vdso_info[abi].cm); if (IS_ERR(ret)) goto up_fail; @@ -326,6 +330,7 @@ arch_initcall(aarch32_alloc_vdso_pages); static int aarch32_kuser_helpers_setup(struct mm_struct *mm) { void *ret; + unsigned long vm_flags; if (!IS_ENABLED(CONFIG_KUSER_HELPERS)) return 0; @@ -334,9 +339,10 @@ static int aarch32_kuser_helpers_setup(struct mm_struct *mm) * Avoid VM_MAYWRITE for compatibility with arch/arm/, where it's * not safe to CoW the page containing the CPU exception vectors. */ + vm_flags = VM_READ|VM_EXEC|VM_MAYREAD|VM_MAYEXEC; + vm_flags |= MSEAL_SYSTEM_MAPPINGS_VM_FLAG; ret = _install_special_mapping(mm, AARCH32_VECTORS_BASE, PAGE_SIZE, - VM_READ | VM_EXEC | - VM_MAYREAD | VM_MAYEXEC, + vm_flags, &aarch32_vdso_maps[AA32_MAP_VECTORS]); return PTR_ERR_OR_ZERO(ret); @@ -345,6 +351,7 @@ static int aarch32_kuser_helpers_setup(struct mm_struct *mm) static int aarch32_sigreturn_setup(struct mm_struct *mm) { unsigned long addr; + unsigned long vm_flags; void *ret; addr = get_unmapped_area(NULL, 0, PAGE_SIZE, 0, 0); @@ -357,9 +364,10 @@ static int aarch32_sigreturn_setup(struct mm_struct *mm) * VM_MAYWRITE is required to allow gdb to Copy-on-Write and * set breakpoints. */ + vm_flags = VM_READ|VM_EXEC|VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC; + vm_flags |= MSEAL_SYSTEM_MAPPINGS_VM_FLAG; ret = _install_special_mapping(mm, addr, PAGE_SIZE, - VM_READ | VM_EXEC | VM_MAYREAD | - VM_MAYWRITE | VM_MAYEXEC, + vm_flags, &aarch32_vdso_maps[AA32_MAP_SIGPAGE]); if (IS_ERR(ret)) goto out; From patchwork Mon Feb 24 17:45:11 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeff Xu X-Patchwork-Id: 13988620 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 045A5C021A4 for ; Mon, 24 Feb 2025 17:45:29 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 39D62280010; Mon, 24 Feb 2025 12:45:24 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 321E928000A; Mon, 24 Feb 2025 12:45:24 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 126F0280010; Mon, 24 Feb 2025 12:45:24 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id E0E1028000A for ; Mon, 24 Feb 2025 12:45:23 -0500 (EST) Received: from smtpin01.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id A1A6F1A19EC for ; Mon, 24 Feb 2025 17:45:23 +0000 (UTC) X-FDA: 83155564926.01.171FB5A Received: from mail-pl1-f171.google.com (mail-pl1-f171.google.com [209.85.214.171]) by imf05.hostedemail.com (Postfix) with ESMTP id B7CCE10001A for ; Mon, 24 Feb 2025 17:45:21 +0000 (UTC) Authentication-Results: imf05.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=kxwg197F; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf05.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.214.171 as permitted sender) smtp.mailfrom=jeffxu@chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1740419121; a=rsa-sha256; cv=none; b=JhgG9HOXNxpulU7v7irSJ2bB3m9dsrmsM8iohbsQxJipEcZjEMg2AkPjIrkeHDWNWuEhit wQ5cGjqhuFmaj3ulLtyn+PQImg2lbacxy1AEKi70PrsQOPVfulBUMunsmeZsWXjpELFtHi oBE9W0+7h2Zk3HS8HjiWlEGrsLh50R8= ARC-Authentication-Results: i=1; imf05.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=kxwg197F; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf05.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.214.171 as permitted sender) smtp.mailfrom=jeffxu@chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1740419121; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=uF6v4BAgInjRNjkqN7tLcQhcZv2LNrGaf63b7a8eFi0=; b=VhalQLhuA2+ow8mfWkUY+lYuaPICxikmsDTCT4rfyBbpfkLn/hgk/jKSg99lrOwOdTCuQT SMxiy7vEHhFHLp0OmqeL0Sj/mW/R+CYpCLkz5xPLty9/39eJQThXhGgm3hU4d4vm8PI8ZS Fc3T9D1/9bFwIqTY1HTAdubeZ68QP8c= Received: by mail-pl1-f171.google.com with SMTP id d9443c01a7336-21f8f3bd828so10200835ad.2 for ; Mon, 24 Feb 2025 09:45:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1740419121; x=1741023921; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=uF6v4BAgInjRNjkqN7tLcQhcZv2LNrGaf63b7a8eFi0=; b=kxwg197FdtYbNfIaqdlbgud84KsrP7xjgNbT7bs/qVPfoMT4NpON3M7r42w/VpVGGg wjo5a2ckUmBI+APEGl5mO+nfNvqFQb7rRMqlNIerjmD+BIfbiqAf1xMN4xkJOzMH9jRY sErp5d5HiiRnPe82v5WzuXQy0O4E/zxt52JlU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740419121; x=1741023921; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=uF6v4BAgInjRNjkqN7tLcQhcZv2LNrGaf63b7a8eFi0=; b=La2nTmGBfy6p5+0QA5MoFmgdenUr9pY6MEaNyS3i9Q3usVJa8Z5SoPwmlNPiF4DZq4 bTLflqPpPfO6dPv61ge8dLrtIDfRkdb8W7fDh+11YHC5H7EsjoaeDE8v+P9KU2SH8WnZ y6MM0cHIefAK1KaRPVHadl1z38KXzruJqkkFEQ38EKqLZ4W2w9WtQijXmEtIRKTmkv/B 2YkgVUcuubfy4+7dDJvurQgxDtuAChvcAb8PyqSNxyBNn+ccCHZgFC9La7an0gU5CmV/ h7Nf3RPKqdKiWHgqEkskglpf0La1ZWV6ZW3qv1PH7nXhcVgV5tKo//FxnmI9dn8zbIOX aoGg== X-Forwarded-Encrypted: i=1; AJvYcCWH6yKH1E2MH7CpV/joZ0XtvLF0tLzh39axy16lTB388JOBFKxHdylSCSibSE+3SfyzwQ56DZoO8A==@kvack.org X-Gm-Message-State: AOJu0Yy9vDWKaEWEysqOy+A0hUIRR9k/p1SPZOxuXjzXV0a6EGCsKjFL E4RK72RSJwagSlq+gKDCIOc0F6uVjN1MN7yLsd/hZrOKYem+EE6XTDdTGsynIg== X-Gm-Gg: ASbGncvPU4qLgkHdI9LsVA2R7fuvYv5p3ggoeoOKi3TdXuhqvoWJQgoedlm52CEq4om aDeLZBN87bihVENGc2JfXk2W6s2k2/l1RApP3DvRPlhxfqckX49R2jmnvD5tNZKFcPgaU4k5WXk Pc6kUDXIEADc4HUPUkK8POFTq8OxBdc+v/54xrpV1DtoLfxZR7pflWMIgWD4NMj6teolFub+Amg 15+7wF8T2Bw5BRFuhIFzl7+Bthff3mlFQMLGmCdr3Ez4RA+h6FuapBoQRpg0J8S6nTQR6+Wd5k3 iw94IQ3oQyx02OQTgjjkmGE1CaK2KY4+BRl6Ji0RNnzQ0+fs7H247kPrq6D+ X-Google-Smtp-Source: AGHT+IHchQT9dzoJY2LEcYJPdtfWM7ipynXQ721dymkyqhvRjPShYl+mqIPBkEeCSpT4D/DXL4HZjw== X-Received: by 2002:a17:903:22c8:b0:21f:b7f5:ee58 with SMTP id d9443c01a7336-2219ff5b3e9mr87660905ad.4.1740419120715; Mon, 24 Feb 2025 09:45:20 -0800 (PST) Received: from localhost (201.59.83.34.bc.googleusercontent.com. [34.83.59.201]) by smtp.gmail.com with UTF8SMTPSA id d9443c01a7336-220d5586080sm181990315ad.229.2025.02.24.09.45.19 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 24 Feb 2025 09:45:19 -0800 (PST) From: jeffxu@chromium.org To: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, Liam.Howlett@Oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com, Jeff Xu , Benjamin Berg Subject: [PATCH v6 5/7] mseal, system mappings: enable uml architecture Date: Mon, 24 Feb 2025 17:45:11 +0000 Message-ID: <20250224174513.3600914-6-jeffxu@google.com> X-Mailer: git-send-email 2.48.1.658.g4767266eb4-goog In-Reply-To: <20250224174513.3600914-1-jeffxu@google.com> References: <20250224174513.3600914-1-jeffxu@google.com> MIME-Version: 1.0 X-Rspamd-Server: rspam02 X-Rspamd-Queue-Id: B7CCE10001A X-Stat-Signature: ku7kms5yxbqp4nnmugorthtw7kbpakkt X-Rspam-User: X-HE-Tag: 1740419121-931632 X-HE-Meta: U2FsdGVkX1+CkKB2Ac1UgyCTo//vuF/qNSLg24kUgdutzwsgRGGp9PzI0zWoDG0K2He0hOhhkdLMet8e+VXp4sxh64sVW1KslhtME08553XTC+tn6dMcEWufNlNDJNCoOR4KRr+KOHeiHiZuOZ1qkVhqIMoGwWaqCO2CfFt9JZz6ByJl1ynRS57kili26mVQPg6gaTPze+I0NX1i9rsegbnhoyLVRS+V4MZxY2Vr/ma1/vvUR96MiXFObdfiza4nsbC3sReglGlyRxsQ6ncp0vH2uffoN9zpRGdT0Yr2qvUELmMlu8Hxj/DpjVEEO/nGNvMzPs1bFl3+b2uLSwk0BmR/QxG3dDvz+kjoMYFKt+YoyEfgKiLsRuag6263OUKjzVnvmvziffs5qSjCZXPnUCkdssrWzCFb3fNEsFSl0+UZgIQQReRdZj6ETKhw91s02jUj+sbEvyoaSHpzQnWVGlAnDkanCFtdEj24GN9RiPmZLIdVOydllsLRt6aZrt15RNKqxLsEY0jfkxmXxM+iu/XVKa5jJg0LNIIqvPZqsTS01F8XKJTNl2CXsK4QfCHG/AvK6UHTVXoHs/zCo6QnXA6cb8lczRjPOVjzYVOuy5+ilfwdnX/Z+RU0CTS84hVuNEfYif5YtgRF8imQJ+ii9XEqUFy5JCdMsqoLjY0X/nBLxfqFneMCyoDM28/mFcsn+5PgG36lF2s97fRLFktWbdyxGG7tA0KkVj8Q59KFjYssp1dr/qEhwdNYlP88yh1z3Wcf/cvf4H7xHgnCTHjk4cqvix1VmqueSsHhYW241uU9iYxXka9z5+9piXgFRgrsCC//V/3SOqfexssYjU3yZEuBaXwcd8sa6Ni13zRN5kwYnnbrK+aB5Ek43NT1VmrcvFMi+JK6azOapKjXTbJ6b/HVHq3K7x0E7QjLqsl1oOZERO5uqXoE9Dg3y5idS0hgGdfoKllMyqIEeczQv1z omvybsR4 RoDpAZgQ3ls43UKFv5U8f5PSzEvCRso3+ltVkTt0UsjLPwn9CwPreo7e+aFhkYCJAKui7CrWCrg3Qz6RUwZQKDMba/ocQL3OW/+6puoG7hXC0jzpFOghp9M3g2DPoAjOk26kztdcns9TpQldFSa8YkG5gGDkU2YOP0MrvVFptVh9s9vRUJMCPgryVFPMhaOQ3JhvXGNCRIrSFChykWbVo/LWvDEoEdH4RYubuxL5zES5ZU8ZP4znJZxyqjlDr6xT9CBJtG7DLaET/DGJbo5wXpBpM99Xmn/y081Hp8QQSrOBYOcG5j+pjaNgngbRmfKiKeSBgKWOy2XITd8A87RoWQloveSG8hdmV0PzHjtzAUJsHdgB4KenTcYuY3UhROMu9n7w1unZz1h7zSVM= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Jeff Xu Provide support for CONFIG_MSEAL_SYSTEM_MAPPINGS on UML, covering the vdso. Testing passes on UML. Signed-off-by: Jeff Xu Tested-by: Benjamin Berg --- arch/um/Kconfig | 1 + arch/x86/um/vdso/vma.c | 6 ++++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/arch/um/Kconfig b/arch/um/Kconfig index 18051b1cfce0..eb2d439a5334 100644 --- a/arch/um/Kconfig +++ b/arch/um/Kconfig @@ -10,6 +10,7 @@ config UML select ARCH_HAS_FORTIFY_SOURCE select ARCH_HAS_GCOV_PROFILE_ALL select ARCH_HAS_KCOV + select ARCH_HAS_MSEAL_SYSTEM_MAPPINGS select ARCH_HAS_STRNCPY_FROM_USER select ARCH_HAS_STRNLEN_USER select HAVE_ARCH_AUDITSYSCALL diff --git a/arch/x86/um/vdso/vma.c b/arch/x86/um/vdso/vma.c index f238f7b33cdd..ee6d8a58f9f6 100644 --- a/arch/x86/um/vdso/vma.c +++ b/arch/x86/um/vdso/vma.c @@ -54,6 +54,7 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) { struct vm_area_struct *vma; struct mm_struct *mm = current->mm; + unsigned long vm_flags; static struct vm_special_mapping vdso_mapping = { .name = "[vdso]", }; @@ -65,9 +66,10 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) return -EINTR; vdso_mapping.pages = vdsop; + vm_flags = VM_READ|VM_EXEC|VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC; + vm_flags |= MSEAL_SYSTEM_MAPPINGS_VM_FLAG; vma = _install_special_mapping(mm, um_vdso_addr, PAGE_SIZE, - VM_READ|VM_EXEC| - VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC, + vm_flags, &vdso_mapping); mmap_write_unlock(mm); From patchwork Mon Feb 24 17:45:12 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeff Xu X-Patchwork-Id: 13988621 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0B4CBC021BB for ; Mon, 24 Feb 2025 17:45:32 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 6CDF6280011; Mon, 24 Feb 2025 12:45:26 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 655FA28000A; Mon, 24 Feb 2025 12:45:26 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 3E671280011; Mon, 24 Feb 2025 12:45:26 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 1173228000A for ; Mon, 24 Feb 2025 12:45:26 -0500 (EST) Received: from smtpin12.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id B2538C1912 for ; Mon, 24 Feb 2025 17:45:25 +0000 (UTC) X-FDA: 83155565010.12.624524D Received: from mail-pj1-f50.google.com (mail-pj1-f50.google.com [209.85.216.50]) by imf04.hostedemail.com (Postfix) with ESMTP id 8D13140006 for ; Mon, 24 Feb 2025 17:45:23 +0000 (UTC) Authentication-Results: imf04.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=TvZtDQUS; spf=pass (imf04.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.216.50 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1740419123; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=pPTxJ+9VApNW1wIyXAimG9WYLhdSeBQuD2wh8D+5JoY=; b=BQTpcokuQY4FtbwDEvq5RiYSjRYRcCVyuFqHqhsSB2oVMdpf7lITaGIOAsOuYb6EYCf0nj rPBJWhycFbmgWH4Jm/VQpXiLjrci+vIIxOa+UsjFONyuqUuiFcPrL6HVnnZO8QAfeMCi4j QFiAtHHqBI/SRerFspL4hY/O6gNTdWc= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1740419123; a=rsa-sha256; cv=none; b=MF24zEj5TukYmPa+SnmwYFe9VtVh6GGgUXhyN2Zd0VGj4AiX5cY5ZMo5cFfgsj5JULWFXV UeghomwdsCaH0c1sx+L3V6xCndCjVapAv38BI2XhxKUT6ahifrgxsDul/jnnOjMrHH7VzZ iobxA1yYAir5qBgpKfuABIgXr2PkH6A= ARC-Authentication-Results: i=1; imf04.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=TvZtDQUS; spf=pass (imf04.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.216.50 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org Received: by mail-pj1-f50.google.com with SMTP id 98e67ed59e1d1-2fc29ac55b5so1223766a91.2 for ; Mon, 24 Feb 2025 09:45:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1740419122; x=1741023922; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=pPTxJ+9VApNW1wIyXAimG9WYLhdSeBQuD2wh8D+5JoY=; b=TvZtDQUSUelJgRkdQYrIGjWEwZ6EQdnLYm5C9dzw4tz2QzksNPEzSGeK/+PuXe25mE sFAgyPbo8MhuFZlRXWXBNbWFkX61JEN9veGlyoT6691ghv9kVhXPpB94D2SIJXBy6OnZ n38vOa6hPN+fWvjBZluKJkSZxok6aqLYo0dxs= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740419122; x=1741023922; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=pPTxJ+9VApNW1wIyXAimG9WYLhdSeBQuD2wh8D+5JoY=; b=TL/FJtMJJtQ+95hkg/ZIaVyA9saHVxskWAuQ2s+rNgz+1y2ytOJFxzr+J7+ImTrqDk QctXbHHUTD/Nf+o7A70jLccbAMLB8Q4VR1nawlGmoCNI9SFxJJPeZKD+KwqdnKvMAcb0 +y1MSVBi65/O9waeg2gxrwIvWG5pnRNZp3lO2fLOezfM/Gefh32GI3PNcF37pSoEFDrO zSNtjmliMA0caVoZX8uuRd6Gb42e0EHxoo4oeOx4IEtgprOSHuDrGTmX6UcoE5l9SuBf kcXlwXSulcykWTENJC7BAhbg3YGLM7b1v+lqOMis2u9RJAAzBBSX5z3ptunhcEPP9iv+ 2DYg== X-Forwarded-Encrypted: i=1; AJvYcCV55GVIgD9yqHCnemcZbSa5FS81yfBeWI2Z4asEAhiNaZexiGuqhCUM60wUY+WGtDlg0XgpdQuuwQ==@kvack.org X-Gm-Message-State: AOJu0YykQVxbXsQwP3UEY3Y82kC47ggLgvYQsvoAYxEu5ISDazEsSK+4 t2xL6YIf7lY3BbwAYlHi4QsMW968PAViu2T3URAj0EhzfQZysPo5E0yN8ybyYw== X-Gm-Gg: ASbGncs+3L8w98u2qEutLqL3EFtUqqwWf8iTV+HLfAlo/cfMPxYPNqSMrvfwz1YUr/b KXcWx1ZQai/JIKHRkSqdcFmXcOVmiym5Pno3gKvl6Foqfb+hIwEO8L5D7FMb3AnU00QWwK1/HW0 ffsUcWemacSLobs22dQedPauhaPDd34RTypiEnnYc+jnLcW3Wo4BRzSZZ7StoOElI+smnG9ILGj 0Jf4xx8aCvaFzxfN7TKRjpm/wyKmCM9fkg38UAqxHZ0T00VXtKhTYNDLGi7irRtM5i9YX9VeqMH O2w0XPxHl4Mmdz2LAGgUSCCWwGVUp2qxlPRUWfswl7KwhVgiwtFjHh2Fsomg X-Google-Smtp-Source: AGHT+IHP5BJhLkG1y5WlyMonne7HfrmaKX102f8M0T9GVc1W+S/OC3k6B6HWY8ssc4OyfR7EtUf+nA== X-Received: by 2002:a17:90b:3848:b0:2ee:cbc9:d50b with SMTP id 98e67ed59e1d1-2fce7aef973mr9370465a91.4.1740419121838; Mon, 24 Feb 2025 09:45:21 -0800 (PST) Received: from localhost (201.59.83.34.bc.googleusercontent.com. [34.83.59.201]) by smtp.gmail.com with UTF8SMTPSA id 98e67ed59e1d1-2fceb02d9b4sm7708790a91.6.2025.02.24.09.45.21 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 24 Feb 2025 09:45:21 -0800 (PST) From: jeffxu@chromium.org To: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, Liam.Howlett@Oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com, Jeff Xu Subject: [PATCH v6 6/7] mseal, system mappings: uprobe mapping Date: Mon, 24 Feb 2025 17:45:12 +0000 Message-ID: <20250224174513.3600914-7-jeffxu@google.com> X-Mailer: git-send-email 2.48.1.658.g4767266eb4-goog In-Reply-To: <20250224174513.3600914-1-jeffxu@google.com> References: <20250224174513.3600914-1-jeffxu@google.com> MIME-Version: 1.0 X-Rspam-User: X-Rspamd-Queue-Id: 8D13140006 X-Rspamd-Server: rspam07 X-Stat-Signature: oz1dj4tgqdgc19ssseamnbgyejhy8g6s X-HE-Tag: 1740419123-207457 X-HE-Meta: U2FsdGVkX19ZAsJ51nAZSgAW8m6d3BaFdkjdTLsTcrYbjhqQd/XCw4NUZOLxMz2MajlYLn9bDZb8AZ6J3ZVnB0JoGdWlyf0GApGp2FqrWodP+fLbGNj82bsCSAOger/2lPHStgI5vWIHevvrRFeNUrkpVyme3deYlldTlRJe6H9LX1Jd3zboO6GtcyAQSL/tnP1+2Td1RVT4ELRVGErZuHMeK8ZS+qXlrzkBVRteGt3IwcailSAreBJe8rjWd3TBDBg7ANDmMEvhwHaXxAa+5cgW1CCWQBrNHdgVVaBN0gMB3pJKI4SY9qqFT1KbEfPMh5CwhStQGaRJ0AcSYrpn0kWS/qUdsg7C5m6lJmXI/bFTH40q97yHfd6rrmp33e80F9x+wgotU7/ZauRzWUUtAybiaqYyvHDPn1L2DHL5u8lM5roCN/lGWrMjd4cNhzQnUT1xEFAr3DHOuRzKLTLAIYPtJ5ivbJ9II2CBQ9+uhAOLxfv4ZCkb2lR6MEpBffRE9VJCyEfL+8WYIslLwuWFf51uUigd7k+KpNEnTPVEJD6VjP8+Tpn0L7M1Wsxu/IruP3vBGjIDeTuTiWgmy3eKrI1HLKPQZOAd45hfuNZ/nzAOSvKm5X3gGpa0LRgD3Ho65CUXgTLJFU2iwXYryf1Bf+aiYiscngfABSrU3ZgIERpN/hem7lmBdxfc3WlmAehjT07lKFC5X6SkT+d/92JYPoJ4fuR2fFiECF+BYxbqmcyKuIA+5YBQYssxlmqb+86Ru4GZOjFEOniuWZfbmaTuT1FibrUKxG6mWZpITUdfkCx2hpDABjpKkVDRNoCe/4c1JtSh8JTs0ShPNusqrJCRSKyZwtEjdB467ruSri0v3k+HppMdff/U8Zsq+iyH5oRtE1xIXW6WzV42pLEkp4OQy8nhk+TgeWCsJTjTGHS3ZzBFFU9tUMu1uagUiYYKz7RUS/V8Jel2QLj+dtC07zU dOecWAIF cfqPIwCupSA1YmEBSA0Odab5/2FT12GeSe4vYiF0H4LqCwdFVF3E6LdaWg5BUpVMdv0vVa3CLO3JM5m8Z96CRiI8b2l8Y7SwGMbHRkPeUaLpkfN55HzTSl7ZfVH8eMt7nAuLs41XcI+F/SkPrr/pTE1lbRcdy/jeJFJFCPlx9FgYyMABU/QpDLIB5uKSs/M2UX8Ppt+WvIEMrExgKU9QjuyIlBQYEd+PwfKrJJIFv2nf9Gvhg927DmatHEIS1sWJpUdGzc+0BelwobJaxNAWmKYWz9TNs2N9avCN2SkV8WqKUw4rUG2YIzQ5ctLIaASeX1A/j4eXZsIapkxuvp2i3coRCFVGpxIWYBQX8yzp0UokyUKiwwjLuwg4edQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000016, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Jeff Xu Provide support to mseal the uprobe mapping. Unlike other system mappings, the uprobe mapping is not established during program startup. However, its lifetime is the same as the process's lifetime. It could be sealed from creation. Signed-off-by: Jeff Xu --- kernel/events/uprobes.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c index 2ca797cbe465..c23ca39b81ac 100644 --- a/kernel/events/uprobes.c +++ b/kernel/events/uprobes.c @@ -1662,6 +1662,7 @@ static const struct vm_special_mapping xol_mapping = { static int xol_add_vma(struct mm_struct *mm, struct xol_area *area) { struct vm_area_struct *vma; + unsigned long vm_flags; int ret; if (mmap_write_lock_killable(mm)) @@ -1682,8 +1683,10 @@ static int xol_add_vma(struct mm_struct *mm, struct xol_area *area) } } + vm_flags = VM_EXEC|VM_MAYEXEC|VM_DONTCOPY|VM_IO; + vm_flags |= MSEAL_SYSTEM_MAPPINGS_VM_FLAG; vma = _install_special_mapping(mm, area->vaddr, PAGE_SIZE, - VM_EXEC|VM_MAYEXEC|VM_DONTCOPY|VM_IO, + vm_flags, &xol_mapping); if (IS_ERR(vma)) { ret = PTR_ERR(vma); From patchwork Mon Feb 24 17:45:13 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeff Xu X-Patchwork-Id: 13988622 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 00BF7C021A4 for ; Mon, 24 Feb 2025 17:45:34 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id DD35728000A; Mon, 24 Feb 2025 12:45:26 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id D5C65280012; Mon, 24 Feb 2025 12:45:26 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id B126C28000A; Mon, 24 Feb 2025 12:45:26 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 752D7280012 for ; Mon, 24 Feb 2025 12:45:26 -0500 (EST) Received: from smtpin09.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id F2A8AC1959 for ; Mon, 24 Feb 2025 17:45:25 +0000 (UTC) X-FDA: 83155565010.09.37119E6 Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com [209.85.214.178]) by imf11.hostedemail.com (Postfix) with ESMTP id 03EF840018 for ; Mon, 24 Feb 2025 17:45:23 +0000 (UTC) Authentication-Results: imf11.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b="lswW/HQt"; spf=pass (imf11.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.214.178 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1740419124; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=NedlQ833R+dfasjp2xtVkBoypa1M9tQutc1AiNG511A=; b=BjfOpiGY5uo1qzyNGOIvcbTU01OyvIZltOOYwaUkc4YfQsD2rgY9BTXYOaHJlsEJLlSxTL E5h7PccxhbBkIeNBNXzgeg04oqnfNEZQzR5oA2ARJZCvpJlT5BzItApW2xY69ZRdbiSz2M mEq038lxIg/uCuTGc9BidBMlDzgCl0Y= ARC-Authentication-Results: i=1; imf11.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b="lswW/HQt"; spf=pass (imf11.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.214.178 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1740419124; a=rsa-sha256; cv=none; b=i++paxyoBO4Nhvu+kB7CnN++MR01VUGpeXWQZBdlFsueLgMXLks+1PTgKw9ms6w+kRvp2O axfiWV+zEGY3o/JhA8PH0/FSZZtfda+wRb6vpj3jTNqA1pIFhRVo+eAeUAhFgo5hMBNpCG +Q6G+MfTW7x6F5Jb4JN5Rr6k8oXugpQ= Received: by mail-pl1-f178.google.com with SMTP id d9443c01a7336-220cd9959f6so11978905ad.1 for ; Mon, 24 Feb 2025 09:45:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1740419123; x=1741023923; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=NedlQ833R+dfasjp2xtVkBoypa1M9tQutc1AiNG511A=; b=lswW/HQtzCf1ut5CbTe4cgUJy/uqHptBPGptMSlgndfeZUMEhm3qtlg8QnH1OfSqrj RAMyVYO9cVyr+03cr7G1hJib9FowlFifNaW0CEaGbrDCVAC9xcg9/e3dkZ70lMUbXHs1 Xwsp8OYzfpBaW8lfPU+2/zYcxjmrvkQt/BKWY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740419123; x=1741023923; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=NedlQ833R+dfasjp2xtVkBoypa1M9tQutc1AiNG511A=; b=CQXgxkrxUxqKeCVYVQuzNW4/il0qd4IpjuMzVzyr/NMFbMCycdUhcxMeqPslQiZhkr tTYUVDrho156Xzh3KWqpCM0sKkjKW6dwB0xkTsQfONJ88MIXcamGVqEKE37/jwnNMHVw J4da2lVwedk4FFHFi6aKwgvzptUt9Pzy3FDUZFYmm4T13Zvy+m1SDfZpaoJ27Y7hw0ul lQYfsC+ZirvFusZMiIBtdBSttSpkhCC5OguAAzxRynNKPNuahpwhpgPbQocHPyhKmIUM VA8BWYSTFCYoEtjaV3Lv93ty+AThizzJhK5ViA3kK/mkTbpJ7LP5uuM0REWnlzjrVtjq i+vg== X-Forwarded-Encrypted: i=1; AJvYcCXEm5QS60nnH+saVBcoA02ERqQClDTNyy4FHxEa+Pyxig625uuajWBq2N2+yzayA5WWQ3i+KaeZmA==@kvack.org X-Gm-Message-State: AOJu0YzzKud2+AiCB+NaVCt5rwDBmEkTwD6NQHxWBYeRggnaRgpB/zfT gioHv502NJR+k6IpG/sACqwcY1u/NQOFv0vP4h1959VnKj+WS6voWZIKcPpXhQ== X-Gm-Gg: ASbGncvtDKjegpV+iKvIlZZCifzw8SU1O0S2IXCX+p0VedasF8dXYYb2Hr9yiTEhKtH AtGP0YmnXxDPzIJ7c+7wu+XGwykEwQmFogF4sf3MvrWeEk71rVu6cPJrhnXBtSeZRlu7P/nk5AL vyZfqTa9siDdKKKcijvAoK0mW82gjYObedsUQO6SqhFaXMVJoIm8IDoseA9coaH69lf/tlRpNcL Padll86/GBYjducU/g3oA5aRLf8c+S2J6NF/gcC9YwT2rccfDUsEqz5jSkIKT2K0Sy1UaBmeVEn lgxDsj8kRWb2pVVmYNA04P+S7sRV+8+cfq8bZ7M8jPwxRwA0KcSmOeDYBp5y X-Google-Smtp-Source: AGHT+IFZVTqhLnFv9AH6bcykjpAlvnpYSGZUQrdwYTW7+qFqbmLc8OL95CLeT9nCPZhlXuZDXrrHjg== X-Received: by 2002:a17:902:d488:b0:220:e98e:4f17 with SMTP id d9443c01a7336-2219ff39595mr87888225ad.2.1740419122867; Mon, 24 Feb 2025 09:45:22 -0800 (PST) Received: from localhost (201.59.83.34.bc.googleusercontent.com. [34.83.59.201]) by smtp.gmail.com with UTF8SMTPSA id 98e67ed59e1d1-2fceb093d96sm6756326a91.40.2025.02.24.09.45.22 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 24 Feb 2025 09:45:22 -0800 (PST) From: jeffxu@chromium.org To: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, Liam.Howlett@Oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com, Jeff Xu Subject: [PATCH v6 7/7] mseal, system mappings: update mseal.rst Date: Mon, 24 Feb 2025 17:45:13 +0000 Message-ID: <20250224174513.3600914-8-jeffxu@google.com> X-Mailer: git-send-email 2.48.1.658.g4767266eb4-goog In-Reply-To: <20250224174513.3600914-1-jeffxu@google.com> References: <20250224174513.3600914-1-jeffxu@google.com> MIME-Version: 1.0 X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: 03EF840018 X-Stat-Signature: 1tqdskx76yt6kadneq3s6z4nqh3fsjhi X-Rspam-User: X-HE-Tag: 1740419123-832577 X-HE-Meta: U2FsdGVkX1+axxBEnIWtThlW8NnXACgd8no0qXVt0Udl91ALjF0v4d0rNqJmt2TZOJ6L8M+cV1W3kuhtMmKohnVxdqYNGbmLliwL9J7ucvyyM2npoOBHk65/faq9OOfcCCAWCRTu5hXvK55pZnAyQeaFxjsk/kdVBNIk1F+2VpjcSGf0mJB72Elny4OQRndYJJq158/kn3EAl9VzQMce7dTadhLRc4lHrqIyto2K57fCayieqfJ5CkRFuvv9UCB05RcH+WJBwwtdcYjWLJDlipnlN3uGTeaLB63Ty4+ryFyecMK8DseozSaw6/CM6Uk82f0pwc2iulFZefIq/UTrdeJTet62UY9C5w8TEWni4/fGNNf6I2E6toLz/xrrOE6A4zM8TiMWZC8//yFecpbt5ZVDsMdU1qGvY0Szuqs47FxQ3zUGDgNanCtUT6S6BOeDccveBVHMb1bbjr282D9ZQIcHGiSJkIfH6E7VgYF9L2Bt1swyhTyj8ipDVia5g4MRYnzT4FVQjh9QYLUr1vGzPZu7Mi+yWo+Sgpyfvo0DZdxDU5ticiGro9u+3flRLnMuUMsUCVVXeYG9NQwtALK3T5RzC1VS2HzHNJIRAdUCzJAWLR+L5mIubmAnxZgeAnYp2yQ7Wq3PobUkQ/YlD094VSmgSbnRHPbD9WpeGw91Q3twLnaN8cdMuma7dzBVgZxdtchHcSfxcUyhdSSqMUwBINhbLk3E1svk87hZAh27peF7csB5UEW1v4LdTSMgiTk3enPQ/WaH0oR5QLxoHi8WWBqc0Hd15/nkxogJfIaFJXO/RpIC5cX1sIJeccNHHROv1gC2Wk6h9YWKowk37MWjGqTprF8DXnPF2oX8w7JxYGVSQw0h/M8UwnFh6EkvML/jygQnlz1UQj5U6XHSYx/6addV9hU2McUgSIuo6fu6u4hXwBDhJVgbT4FSpr+d6k3aHVEFPTFZcUy31Zuxhc7 LLmKXRQz yA1A3Ac5sxYzEn7V8Vg4W9J9VEWPz/SU0DWnMDJRIRVc9/u2ltKFS75OUtsLU1Gz5M4JGiHkBqJ4FedaDO0YDlWoI/azgMZGFH3q1b8Jp0WF/46uDtvYo77nBtBbQeMbudtQ/5HdpPxGOkrLy6rfyCXVzEyYMRcuUD/ErcwiMfgx4pFQ/e11iogm+VFAukGTSZZiQq148HcFF0I2Mu9Ga4GyNcgFCgdKMw594fgRh/QEL2iWLPq9kYuy4013fj0Qauv6hXmkLBfXa2fKOlfPe+P+9imzaEiqUKGqk6bPTkcc3olN7zoV7mD4WhABxEkcul5ezJLtNgEe/RIaWQghXBBLgTmmIX54Fvr4SguFa5Ih30ZmTiZWMowYdag== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Jeff Xu Update memory sealing documentation to include details about system mappings. Signed-off-by: Jeff Xu Reviewed-by: Kees Cook --- Documentation/userspace-api/mseal.rst | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/Documentation/userspace-api/mseal.rst b/Documentation/userspace-api/mseal.rst index 41102f74c5e2..10147281bf2d 100644 --- a/Documentation/userspace-api/mseal.rst +++ b/Documentation/userspace-api/mseal.rst @@ -130,6 +130,13 @@ Use cases - Chrome browser: protect some security sensitive data structures. +- System mappings: + If supported by an architecture (via CONFIG_ARCH_HAS_MSEAL_SYSTEM_MAPPINGS), + the CONFIG_MSEAL_SYSTEM_MAPPINGS seals system mappings, e.g. vdso, vvar, + uprobes, sigpage, vectors, etc. CHECKPOINT_RESTORE, UML, gVisor, rr are + known to relocate or unmap system mapping, therefore this config can't be + enabled universally. + When not to use mseal ===================== Applications can apply sealing to any virtual memory region from userspace,