From patchwork Mon Mar 3 05:09:19 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeff Xu X-Patchwork-Id: 13998193 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id A7CA9C282C5 for ; Mon, 3 Mar 2025 05:09:46 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E35B1280017; Mon, 3 Mar 2025 00:09:42 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id DE3E6280007; Mon, 3 Mar 2025 00:09:42 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C0FB5280017; Mon, 3 Mar 2025 00:09:42 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id A2219280007 for ; Mon, 3 Mar 2025 00:09:42 -0500 (EST) Received: from smtpin08.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id 533C5160CAF for ; Mon, 3 Mar 2025 05:09:42 +0000 (UTC) X-FDA: 83179062204.08.BF61E5E Received: from mail-ed1-f53.google.com (mail-ed1-f53.google.com [209.85.208.53]) by imf01.hostedemail.com (Postfix) with ESMTP id 5EDDA40009 for ; Mon, 3 Mar 2025 05:09:40 +0000 (UTC) Authentication-Results: imf01.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=Wy6B96eZ; spf=pass (imf01.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.208.53 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1740978580; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=vYjwm8dHrLXGz6gb7qV5M3QfXuZDejaPJfbAmodOPNU=; b=5glz3whYqFT9C/XvZl9j8sMU/iwxXrVxkzP8a6s5yvf/uUTshKUJ36iVJSW3AJalK+RAee Xpf6IqWD/bxnFWWN4WBrASW/Lnq7xYpV6mhAy1+bXGPUTKj47V+O0OVV5rb2GD0O6yg5J9 KbrOd/JiZg2lsqH/tERrR01fjeq9m9Q= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1740978580; a=rsa-sha256; cv=none; b=sV+97147J/7DI4865E3FIi1RzI4Gu7k50RBR4lLjaeWGchiZXwAAUOOIzPwjaU9O6eM0Tz eaqFPrVFUnDJaa5c8+g4A7H/e3Sm6ymIBFZmMGQDaUHJ8haAMwVqFeh1TLPlIrG3CPy8uD yncMt5gWja4k5AFbuifgZTouvW33/N4= ARC-Authentication-Results: i=1; imf01.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=Wy6B96eZ; spf=pass (imf01.hostedemail.com: domain of jeffxu@chromium.org designates 209.85.208.53 as permitted sender) smtp.mailfrom=jeffxu@chromium.org; dmarc=pass (policy=none) header.from=chromium.org Received: by mail-ed1-f53.google.com with SMTP id 4fb4d7f45d1cf-5dbf7d45853so648529a12.1 for ; Sun, 02 Mar 2025 21:09:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1740978579; x=1741583379; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=vYjwm8dHrLXGz6gb7qV5M3QfXuZDejaPJfbAmodOPNU=; b=Wy6B96eZ5nhQr1mrbR4yQvV10usKmEeE2LeEzYrdKT+wSFw38EiZeubhK+myxr1ljW y7Wpniz/Wk8Wr7933kZJwS+7i0uHmll+frHLcjKsf0i0UOuKmJhJYEKo2L/SRCsl0a39 ajJJah3woatQscKyoSojTcA4ZeFdqxUyO6pNQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740978579; x=1741583379; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=vYjwm8dHrLXGz6gb7qV5M3QfXuZDejaPJfbAmodOPNU=; b=drXPGs/NgBzn2blIDLFyVA4cVoJvqx3FOzxBKV9neu5VlDiOJltYzgIIGGNwj88aFD 3IgCIi+twnBRZmLY29uxqfqGahielPrcN8VDYBVYQFPNps0r19xA9bzGkYXtODAJS60d D0uaSTCvJQQMZ81pPGOwc4enIJgDt7xENQAdkzaLCAdvwkEtPABhxdCllXA1aWxFDQIK v8tM187lgaKCuLCLEqY4a49bdZERhZWXakbwWqxwv9PBf2PUqAIpr/37diTAzK5D1WNT Z84uXYolNJZUNls3T2nTcUDZJE0X9ho5Y9QXrZggAlIfF6PEGBP32c+O5KcQwj/rN5ci u3bA== X-Forwarded-Encrypted: i=1; AJvYcCXu5Y18MzlvEWlrVusKSKQNYb6cwODV8SXfawNKioiKiBApT350oU2GyR0GeoyEdjujAg2aQ2N0fg==@kvack.org X-Gm-Message-State: AOJu0YxGA3KCDxkcqAk82m7VsELZzoa+J9cHEyr57s4UhfqmBHD3a8R5 yj0kn/V6ZRnjbSkI4DoiJsQHcXHWREOy307HZkeDgacoDTM252/XVet2U4PZrw== X-Gm-Gg: ASbGncsbjMt0CMt14QTwqwySn9dF3eURrA7duEjuqFbICt0LtCLNPtJtEghF/JVi2pT vX3FfWIgYKhykN8jXwkML+iROW8dKvHmERq4sT/+pph/mYxydGRYR3wMmuN+KaoM2QHpAc5FT2d XpjRB9YN3E+FlryxUKHGhye5nbY2RGeoRDjPTxec813nTOm/8X09OiHfZgerI+SRsAoKvJcKRjl CFuWXhU4nJOQHovSmR3RV8JYiqgKzfI027JArd4oovUzv9iOY0NQ+FE4yxfcZVzfipMyXNf0KUD hCXQaJgR4s+tAWR29DcoV46Kodr+dB5NqWShxnogP4N0Ul6vUYDBgoe5l1eG2eaX4gHMdn5jY09 a X-Google-Smtp-Source: AGHT+IHtOuKA+9OaPh5jrHwcaVGv4sg/p5d2FB/xdLoG2RY8640XMMB99IsWJcicRocUIUi11DwD4w== X-Received: by 2002:a05:6402:518b:b0:5e4:d192:86c5 with SMTP id 4fb4d7f45d1cf-5e4d6b85dd2mr4581736a12.9.1740978578724; Sun, 02 Mar 2025 21:09:38 -0800 (PST) Received: from cfish.c.googlers.com.com (40.162.204.35.bc.googleusercontent.com. [35.204.162.40]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5e4c3fb6067sm6248635a12.50.2025.03.02.21.09.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 02 Mar 2025 21:09:37 -0800 (PST) From: jeffxu@chromium.org To: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, Liam.Howlett@Oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, linux-kselftest@vger.kernel.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com, Jeff Xu Subject: [PATCH v8 5/7] mseal sysmap: uprobe mapping Date: Mon, 3 Mar 2025 05:09:19 +0000 Message-ID: <20250303050921.3033083-6-jeffxu@google.com> X-Mailer: git-send-email 2.48.1.711.g2feabab25a-goog In-Reply-To: <20250303050921.3033083-1-jeffxu@google.com> References: <20250303050921.3033083-1-jeffxu@google.com> MIME-Version: 1.0 X-Rspamd-Server: rspam02 X-Stat-Signature: uq6t9chho7chpbdgonf4uid11xparmm3 X-Rspamd-Queue-Id: 5EDDA40009 X-Rspam-User: X-HE-Tag: 1740978580-899672 X-HE-Meta: U2FsdGVkX1+62MyHb36R4aSS203MR37Fci+KwLwULO1nf//wSA9Uxo2cOWoAksEn9FFbD+GGj7X/ZYhKjmxy8fp/so0uRCTIiASSMFonfAg5WZCTg9LeVuyE1hIfRQs5nJ5hZoh7b44cuNPfxxmQ1tsfzdFn0EPFQ00wLoB9PPCWEth22NJaVuOpqa98wOgc5ser4RDuS1aXkSifXqdP+4OsN+maw1nRfes4vnKkasIrsD4gM/eed9g1NmceXWDCSLkySaD6Y942LojSpYj6DVGQSUymmbYU6AfjR9Ws/dII/OvdjRUDcotZXswT1V8alpCoZ0UQe2OXtEfePR4LAQ3UucU+STdzbpFzIFy/6Q4C0sHFh0STBqEyOC0MHAYQB3jtFVygkszILN7UduxPIyQplP8N6EuLqZb/6mXWM2BlNJzl1nMhAJwAByDEWC+nIk+ddRO8Se2+edtyG1nkI8aj+5Y6pzAAQRP9mXmFNJg5wf2+bDAs+QaDuJOeTchBVqoRu7XWOL2LmX+3p3LYs5sARJufxo/zE66oP1dILbuwkF7b+z93N0kA+lkByunAmbR+E1prT3fohYBN86b125bbA+KghYQ8nHjFfpquM24po8GJmIMCCvrSjAzM1SQdXLolYZZX2EjquR0TJ+HR0E6DHBOZHe3sAx6/gz8SnuMFw92gZCUQ3AuG/LVmFCZC3ZOaxePVICPuGHOD2mSc5tIGp6bBSSieGed0VG8hfVaqe31WRutXIA+TKthqSM5sIpePgZ0AOe3Ucp5NRTELmDPDbuk+g6yH0FrfWVthuI3OJTM638vv1odTBvxBbcywDzVgmsB4FcG42Epy7t16jvH45/8hv4i6Wu2Twv/ZNHd/hMwViqhrsPc5iqUHoUrWFVLuk8Eh9UetDVGXM1SG8UqWA4se3kixKuC29aXDNPSvwbkGzkDGUo8GpEv6cMGt1K0aUay7upCpHop9j6d jJjhzQc7 n0JpLo1nKzA0HfrPN7AJaAilP47uDnfrnO1yd65PiilG/iovZcwRXcmpk+kkv4XEtTFVRcB6wKcM7hwP/BWo1QsJliRTOjFztsbkcBrFnmuaEMIVTtc4YtXmO0GSywKx0E5BqlleCngXOUUsQi8+GJAPlnGr3XcMGuvulR1vQ8Gu2u2euLiVlZM30tuFyyX3IIy3nrWfSowdSy98ORrZkQaIPw8A9JoPs0MEOx+fOuxU9S6GSYGhdwsADpq45wLu5ytu7Ums44ynYu+hl74ACGWGE+BXvsJ2zrRT3jGfw79IxqD3Z0YSss27wxlXMVIi17QQnFSMe0zWGkY7e4IYYgw++eMKZ3We2ouVi81Jxvu520z33lwAkix5KOw== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Jeff Xu Provide support to mseal the uprobe mapping. Unlike other system mappings, the uprobe mapping is not established during program startup. However, its lifetime is the same as the process's lifetime. It could be sealed from creation. Test was done with perf tool, and observe the uprobe mapping is sealed. Signed-off-by: Jeff Xu Reviewed-by: Oleg Nesterov Reviewed-by: Lorenzo Stoakes Reviewed-by: Liam R. Howlett Reviewed-by: Kees Cook --- kernel/events/uprobes.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c index bf2a87a0a378..98632bc47216 100644 --- a/kernel/events/uprobes.c +++ b/kernel/events/uprobes.c @@ -1683,7 +1683,8 @@ static int xol_add_vma(struct mm_struct *mm, struct xol_area *area) } vma = _install_special_mapping(mm, area->vaddr, PAGE_SIZE, - VM_EXEC|VM_MAYEXEC|VM_DONTCOPY|VM_IO, + VM_EXEC|VM_MAYEXEC|VM_DONTCOPY|VM_IO| + VM_SEALED_SYSMAP, &xol_mapping); if (IS_ERR(vma)) { ret = PTR_ERR(vma);