From patchwork Mon Feb 24 22:52:46 2025
From: jeffxu@chromium.org
To: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, Liam.Howlett@Oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net
Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com, Jeff Xu, Kees Cook
Subject: [PATCH v7 7/7] mseal, system mappings: update mseal.rst
Date: Mon, 24 Feb 2025 22:52:46 +0000
Message-ID: <20250224225246.3712295-8-jeffxu@google.com>
In-Reply-To: <20250224225246.3712295-1-jeffxu@google.com>
References: <20250224225246.3712295-1-jeffxu@google.com>
From: Jeff Xu

Update memory sealing documentation to include details about system mappings.

Signed-off-by: Jeff Xu
Reviewed-by: Kees Cook
---
Documentation/userspace-api/mseal.rst | 7 +++++++
1 file changed, 7 insertions(+)

diff --git a/Documentation/userspace-api/mseal.rst b/Documentation/userspace-api/mseal.rst index 41102f74c5e2..10147281bf2d 100644 --- a/Documentation/userspace-api/mseal.rst +++ b/Documentation/userspace-api/mseal.rst @@ -130,6 +130,13 @@ Use cases - Chrome browser: protect some security sensitive data structures. +- System mappings: + If supported by an architecture (via CONFIG_ARCH_HAS_MSEAL_SYSTEM_MAPPINGS), + the CONFIG_MSEAL_SYSTEM_MAPPINGS seals system mappings, e.g. vdso, vvar, + uprobes, sigpage, vectors, etc. CHECKPOINT_RESTORE, UML, gVisor, rr are + known to relocate or unmap system mapping, therefore this config can't be + enabled universally. + When not to use mseal ===================== Applications can apply sealing to any virtual memory region from userspace,
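Review bot: the new "System mappings" bullet in the @@ -130,6 +130,13 @@ hunk leaves the reader without the one fact they need to decide whether to enable the option, namely what happens to the listed users when it is on. "CHECKPOINT_RESTORE, UML, gVisor, rr are known to relocate or unmap system mapping, therefore this config can't be enabled universally" mixes a kernel config symbol with three userspace projects and only hints at the failure mode; since munmap, mremap and mprotect on a sealed VMA fail with EPERM, suggest one explicit sentence after it, e.g. "With CONFIG_MSEAL_SYSTEM_MAPPINGS enabled, those attempts to move or unmap the vdso and related mappings fail with EPERM, so enable this option only for systems where none of these users is needed." Two wording nits in the same lines: "system mapping" should be the plural "system mappings", and "the CONFIG_MSEAL_SYSTEM_MAPPINGS seals" reads better as "CONFIG_MSEAL_SYSTEM_MAPPINGS seals". Finally, since the example list (vdso, vvar, uprobes, sigpage, vectors) spans mappings that only some architectures create, it would help to say that the exact set sealed depends on which of these mappings the architecture sets up.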