From patchwork Thu Jan 19 16:03:42 2023
X-Patchwork-Submitter: Joey Gouly
X-Patchwork-Id: 13108321
From: Joey Gouly
To: Catalin Marinas, Andrew Morton, Lennart Poettering, Zbigniew Jędrzejewski-Szmek
CC: Alexander Viro, Kees Cook, Szabolcs Nagy, Mark Brown, Jeremy Linton, Topi Miettinen
Subject: [PATCH v2 0/2] mm: In-kernel support for memory-deny-write-execute (MDWE)
Date: Thu, 19 Jan 2023 16:03:42 +0000
Message-ID: <20230119160344.54358-1-joey.gouly@arm.com>

Hi all,

This is v2 of the MDWE patchset.

Changes since v1:
 - Rewritten test - thanks Kees!
 - Added comment to `map_deny_write_exec`
 - Moved flag check into mmap_region, should be no functional change
 - Rebased onto v6.2-rc4

The background to this is that systemd has a configuration option called
MemoryDenyWriteExecute [2], implemented as a SECCOMP BPF filter. Its aim
is to prevent a user task from inadvertently creating an executable
mapping that is (or was) writeable. Since such a BPF filter is stateless,
it cannot detect mappings that were previously writeable but
subsequently changed to read-only. Therefore the filter simply rejects
any mprotect(PROT_EXEC). The side-effect is that on arm64 with BTI
support (Branch Target Identification), the dynamic loader cannot change
an ELF section from PROT_EXEC to PROT_EXEC|PROT_BTI using mprotect().
For libraries, it can resort to unmapping and re-mapping but for the
main executable it does not have a file descriptor. The original bug
report in the Red Hat bugzilla - [3] - and subsequent glibc workaround
for libraries - [4].

This series adds in-kernel support for this feature as a prctl
PR_SET_MDWE, that is inherited on fork(). The prctl denies PROT_WRITE |
PROT_EXEC mappings. Like the systemd BPF filter it also denies adding
PROT_EXEC to mappings. However unlike the BPF filter it only denies it
if the mapping didn't previously have PROT_EXEC. This allows
PROT_EXEC -> PROT_EXEC | PROT_BTI with mprotect(), which is a problem
with the BPF filter.

Thanks,
Joey

[1] https://lore.kernel.org/linux-arm-kernel/20221026150457.36957-1-joey.gouly@arm.com/
[2] https://www.freedesktop.org/software/systemd/man/systemd.exec.html#MemoryDenyWriteExecute=
[3] https://bugzilla.redhat.com/show_bug.cgi?id=1888842
[4] https://sourceware.org/bugzilla/show_bug.cgi?id=26831

Joey Gouly (1):
  mm: Implement memory-deny-write-execute as a prctl

Kees Cook (1):
  kselftest: vm: add tests for memory-deny-write-execute

 include/linux/mman.h                   |  34 +++++
 include/linux/sched/coredump.h         |   6 +-
 include/uapi/linux/prctl.h             |   6 +
 kernel/sys.c                           |  33 +++++
 mm/mmap.c                              |  10 ++
 mm/mprotect.c                          |   5 +
 tools/testing/selftests/vm/Makefile    |   1 +
 tools/testing/selftests/vm/mdwe_test.c | 197 +++++++++++++++++++++++++
 8 files changed, 291 insertions(+), 1 deletion(-)
 create mode 100644 tools/testing/selftests/vm/mdwe_test.c
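
The two policies the cover letter contrasts, replayed over constructed mapping lifetimes. This is an added user-space model, not code from the series or from systemd: the function names are hypothetical, and PROT_BTI is defined locally (arm64 value) only so the model builds on any architecture.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/mman.h>

#ifndef PROT_BTI
#define PROT_BTI 0x10 /* arm64 value, defined here so the model builds anywhere */
#endif

/* Both policies refuse a request that is writable and executable at once. */
static bool wants_wx(int prot) { return (prot & PROT_WRITE) && (prot & PROT_EXEC); }

/* Stateless filter as described: it sees only the requested protection,
 * so every mprotect() that asks for PROT_EXEC is rejected. */
static bool filter_denies_mprotect(int new_prot) { return (new_prot & PROT_EXEC) != 0; }

/* MDWE as described: W|X is refused, and PROT_EXEC may not be added to a
 * mapping that did not already have it. Keeping PROT_EXEC is fine. */
static bool mdwe_denies_mprotect(int old_prot, int new_prot)
{
    if (wants_wx(new_prot))
        return true;
    return !(old_prot & PROT_EXEC) && (new_prot & PROT_EXEC);
}

/* prots[0] is the mmap() protection, the rest are successive mprotect()
 * calls on that mapping. Returns the index of the first denied call, or -1. */
static int first_denied(const int *prots, int n, bool use_mdwe)
{
    int cur = 0;
    for (int i = 0; i < n; i++) {
        bool deny = (i == 0) ? wants_wx(prots[i])
                  : use_mdwe ? mdwe_denies_mprotect(cur, prots[i])
                             : filter_denies_mprotect(prots[i]);
        if (deny)
            return i;
        cur = prots[i]; /* the state a stateless filter cannot keep */
    }
    return -1;
}

/* Constructed lifetimes: loader enabling BTI, write-then-execute, W|X mmap. */
static const int bti_loader[] = { PROT_READ | PROT_EXEC, PROT_READ | PROT_EXEC | PROT_BTI };
static const int write_then_exec[] = { PROT_READ | PROT_WRITE, PROT_READ, PROT_READ | PROT_EXEC };
static const int wx_mmap[] = { PROT_READ | PROT_WRITE | PROT_EXEC };

int main(void)
{
    printf("BTI loader:      filter=%d mdwe=%d\n", first_denied(bti_loader, 2, false), first_denied(bti_loader, 2, true));
    printf("write then exec: filter=%d mdwe=%d\n", first_denied(write_then_exec, 3, false), first_denied(write_then_exec, 3, true));
    printf("W|X mmap:        filter=%d mdwe=%d\n", first_denied(wx_mmap, 1, false), first_denied(wx_mmap, 1, true));
    return 0;
}
```

Only the BTI loader sequence separates the two: the filter stops it at the mprotect() call, while the MDWE rule lets it through and still blocks the write-then-execute sequence at the step that adds PROT_EXEC.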