From patchwork Thu Oct 17 00:51:03 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeff Xu X-Patchwork-Id: 13839154 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 59C7ED2F7D7 for ; Thu, 17 Oct 2024 00:51:13 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 7B1886B007B; Wed, 16 Oct 2024 20:51:12 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 761A06B0082; Wed, 16 Oct 2024 20:51:12 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 6291C6B0083; Wed, 16 Oct 2024 20:51:12 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 44D336B007B for ; Wed, 16 Oct 2024 20:51:12 -0400 (EDT) Received: from smtpin18.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay08.hostedemail.com (Postfix) with ESMTP id 3C68114074B for ; Thu, 17 Oct 2024 00:51:01 +0000 (UTC) X-FDA: 82681264974.18.DC39E46 Received: from mail-pg1-f173.google.com (mail-pg1-f173.google.com [209.85.215.173]) by imf28.hostedemail.com (Postfix) with ESMTP id 2986EC0009 for ; Thu, 17 Oct 2024 00:51:00 +0000 (UTC) Authentication-Results: imf28.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=KM+3L+7S; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf28.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.215.173 as permitted sender) smtp.mailfrom=jeffxu@chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1729126163; a=rsa-sha256; cv=none; b=rvWOkQUL5P0V6nx/Ct5PmzybWxSiRDc2acwoK48IU0o1qsCG4X7qyaCcaxII2dK5yEsk01 g7taE42bCiXXUTo2LRjbYG8CxQkPhJdLi7DCVGzRiXy8RaGbOAlfWODD4Kl2sAZrq0jI34 G4d09s3NDgT4loB0GfZ2W/6RzR2vidY= ARC-Authentication-Results: i=1; imf28.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=KM+3L+7S; dmarc=pass (policy=none) header.from=chromium.org; spf=pass (imf28.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.215.173 as permitted sender) smtp.mailfrom=jeffxu@chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1729126163; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:references:dkim-signature; bh=oNLnN/iucIUQy/y3ju6Adhzlqh5K8kEraoCv1/E/7vA=; b=hOQn7TB66V/yBuHCyuUUDYt0v3rR8wrb2OrCfTKAIm7Bv/+D+yv/vcw3LTAt9JLfgJ6W5I 1aqnAlXxjW0aoviumMQU8G8sv9LqOEDYqPJS3hz2EIFfSg4KzWvTeJAE5/5WBgTpzIWf7b mko+gO3r8jiHaekxZce6MZRmZDD/ngw= Received: by mail-pg1-f173.google.com with SMTP id 41be03b00d2f7-7e9f377a3c9so44470a12.3 for ; Wed, 16 Oct 2024 17:51:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1729126269; x=1729731069; darn=kvack.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=oNLnN/iucIUQy/y3ju6Adhzlqh5K8kEraoCv1/E/7vA=; b=KM+3L+7Sh09BCDOFnKQsk7Ur21iuGfGs4q9KnMgSNFsquPPdfSxlBcZxB6caqNbdGH nq4yFPO51oCSWQ1tWLdcTFNDCLZqVeWrWo2nX6SXgT96m/HxdiCsEcPBm7yFgjshjN7e LWvoGlNTZ41ewHxD5GbcAmSFLoL0vCH3egenc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1729126269; x=1729731069; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=oNLnN/iucIUQy/y3ju6Adhzlqh5K8kEraoCv1/E/7vA=; b=xQgbZJCXs+a570LuFoiqVaVqGHUBoPrmGLXYc9fnNHjGtFpTAYm3GP5Lbm+IyQpbyM 6pa0QpuBT4fVQNCE+/PETZZY/RXayL39GJ83wrXgXFqYEqzUDpQoxKPvGBaAZ9LyNv/K xwWGLa17S3DeceMRAnr+523a3WxAXiuugsw28W72CcMk3SR2GfMfuiuH7NFbWcSgjAd6 cwT3uPRBHVrsyq+w3quEDPcFTCM6k40+QEu6j19qnqMFdGM0JSM5YhEBW5mNrCbWB6Kf +yeS7MWdYhXNnMwiEt5tp90yf9mmyz36ItVL7WjqKidizi4+GnYdohHGvj8wy48893iQ dgcA== X-Forwarded-Encrypted: i=1; AJvYcCUBs+jYeHZTOjtZ6yAwsB7rEEqGJTD2BlKEjUdACXw8eIC4QHwN9c7fNHDFQvnMvi1FPxoH+DdEUw==@kvack.org X-Gm-Message-State: AOJu0Yz+xJ4fK0Y3hCP0eFXDrwB42sZCMUVrF9bfvfVFP8tXegWWHJRZ 3xwJXP01IBuIIabCVT8N0PbhmsahJY4MBCy9+WuItlTogxpVoPX/Nd/tQNlSTg== X-Google-Smtp-Source: AGHT+IE/KwJHBKXnkbyNA/+4lZaIr5QamZ24gPBpSlNBEOwhpQ1CTC7sgfsehGTCkqBVVE0FRU0pPw== X-Received: by 2002:a05:6a20:3944:b0:1d4:f5e4:6a9a with SMTP id adf61e73a8af0-1d90cc869ecmr2448743637.12.1729126268835; Wed, 16 Oct 2024 17:51:08 -0700 (PDT) Received: from localhost (56.4.82.34.bc.googleusercontent.com. [34.82.4.56]) by smtp.gmail.com with UTF8SMTPSA id d2e1a72fcca58-71e84982905sm1770554b3a.96.2024.10.16.17.51.08 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 16 Oct 2024 17:51:08 -0700 (PDT) From: jeffxu@chromium.org To: akpm@linux-foundation.org, keescook@chromium.org, torvalds@linux-foundation.org, usama.anjum@collabora.com, corbet@lwn.net, Liam.Howlett@oracle.com, lorenzo.stoakes@oracle.com Cc: jeffxu@google.com, jorgelo@chromium.org, groeck@chromium.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-mm@kvack.org, jannh@google.com, sroettger@google.com, pedro.falcato@gmail.com, linux-hardening@vger.kernel.org, willy@infradead.org, gregkh@linuxfoundation.org, deraadt@openbsd.org, surenb@google.com, merimus@google.com, rdunlap@infradead.org Subject: [PATCH v1 0/2] mseal: fixing madvise for file-backed mapping and PROT_NONE Date: Thu, 17 Oct 2024 00:51:03 +0000 Message-ID: <20241017005105.3047458-1-jeffxu@chromium.org> X-Mailer: git-send-email 2.47.0.rc1.288.g06298d1525-goog MIME-Version: 1.0 X-Rspamd-Queue-Id: 2986EC0009 X-Rspam-User: X-Rspamd-Server: rspam05 X-Stat-Signature: tmh3oq6ysuy8x77o1pe7udrxmy5smdbk X-HE-Tag: 1729126260-913459 X-HE-Meta: U2FsdGVkX18sx9PATlEG/SvHYmOlriZxJ/54bGgFfBW/1PFtvcvjvHK5qYSa9CEhj6X0cAvpV7XLYYbOYpVQTSXeIz/z8BHhF+snTPar7Awh9vMkdPBs5LPCJU9PV9YrWf6KCwTu+Et9RAtQ31a/SsD+WuoPcUQ++i5FeEECOR9LcwMX7CSb3lXEY0kK8RizDavDPibSQirKgQz3SROGOiGWG0xHforFWPFuUccl58y0GzE9zEJLod1cUi8a2t+FDOhFYRCu9JYWzaVQiUN4I+mgp57eo6QufCyoRfIiYdd1kqj6imt6mzvJnZr5eM5LsU8pDnhzZe/BM/RighOg2GdY3m9nMkH+rqXlUjlVGDdFFU7nWCNNYnm1EWsC4uTD/c8UhHHO0QmmXPCEYfwfhIY3bvSy0mEf5XCBfss4900b4PQJb7bSLkZjX07D/u3NtbOan3yJXApUc3RgSOAPKsPAqfZmjeRrVFJcmqgjBTRelI2BdZgVZntufzcEXaiWxB7+BwaaEgqRmPL7BU0y4Tc4eXtoFobP2N6Mz69OEvNdfweY7oq+3irYjmbl0DuEo/jt1vq49/BRmzO40Wkgqw540C6W4G9PLbjTio4ctIIzCU8qXM2TxYL3IihzAEBTLSlj9osHpwokveMH5/7AXBCMU7P/5+afW/pfBlSUs0Ju/TD5IPn4f5eTWkc20CAFk1wQYur9sy8MoHV9/7uX+z8N2CtJx0kYRXU2axuD3n0vX4p6za6YgAU5Dy1pcGIM++2iKEYwlaHJEcP/OQB9qojXIl8fXGs5Zs3YKPM5GHzRBkK7SKVmu1nY1i9xveLzSVUc9dZRSKTnYr+tau3ZiPTG8/rSpdNL1wWQ7IyjeDl2CIycE0lveq3h0WaFRCeFV+euMKniBEMx/4mK83zHGIBDkdDcvAiAUxKVXVlQECdFSScTSfnSO6Ae/rzdG3CTQcDWnjgTTESEysR4y7I /L2Nt1Iv 9HE+P6hIyKS9af9P4JpuRIjVe3otbMrQVrt8gwImc5tXzKC43HGDr1TMkbql5F/vD1X3Y90hPIw20An9kl5TALpTm76keP95xBAqg8Z1UtBVUQlbwt5Ck6T8niiHU3YqEeQ6YswnPwynn2y2TDZLlJfw53nVBOCwQeuQM0YsTfQaKoa6a8n/0tSr75yJo9N/khKOW8fJNPkzEh6utg7zHUkkig7VRuGoVVFU/PdWftyLKw36megrlfbc1XdLrGRn5DV9zuPARcW8uF6cmeK6v7AFUwSJjxQgib8US+Ddz8H9eibt+Oe2eQo6rr7yO++ExsIgFn6JhYt53rGX7/DrStq8pzy/LXFRJPxj0f/nELVd632WXEx4A0So16w== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Jeff Xu Two fixes for madvise(MADV_DONTNEED) when sealed. For PROT_NONE mappings, the previous blocking of madvise(MADV_DONTNEED) is unnecessary. As PROT_NONE already prohibits memory access, madvise(MADV_DONTNEED) should be allowed to proceed in order to free the page. For file-backed, private, read-only memory mappings, we previously did not block the madvise(MADV_DONTNEED). This was based on the assumption that the memory's content, being file-backed, could be retrieved from the file if accessed again. However, this assumption failed to consider scenarios where a mapping is initially created as read-write, modified, and subsequently changed to read-only. The newly introduced VM_WASWRITE flag addresses this oversight. Jeff Xu (2): mseal: Two fixes for madvise(MADV_DONTNEED) when sealed selftest/mseal: Add tests for madvise include/linux/mm.h | 2 + mm/mprotect.c | 3 + mm/mseal.c | 42 +++++++-- tools/testing/selftests/mm/mseal_test.c | 118 +++++++++++++++++++++++- 4 files changed, 157 insertions(+), 8 deletions(-)