From patchwork Mon Mar 3 05:09:15 2025
X-Patchwork-Submitter: Jeff Xu
X-Patchwork-Id: 13998189
From: jeffxu@chromium.org
To: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, Liam.Howlett@Oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net
Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, linux-kselftest@vger.kernel.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com, Jeff Xu
Subject: [PATCH v8 1/7] mseal sysmap: kernel config and header change
Date: Mon, 3 Mar 2025 05:09:15 +0000
Message-ID: <20250303050921.3033083-2-jeffxu@google.com>
In-Reply-To: <20250303050921.3033083-1-jeffxu@google.com>
References: <20250303050921.3033083-1-jeffxu@google.com>
From: Jeff Xu

Provide infrastructure to mseal system mappings. Establish two kernel configs (CONFIG_MSEAL_SYSTEM_MAPPINGS, ARCH_SUPPORTS_MSEAL_SYSTEM_MAPPINGS) and VM_SEALED_SYSMAP macro for future patches.

Signed-off-by: Jeff Xu
Reviewed-by: Lorenzo Stoakes
Reviewed-by: Liam R. Howlett
Reviewed-by: Kees Cook
--- include/linux/mm.h | 10 ++++++++++ init/Kconfig | 22 ++++++++++++++++++++++ security/Kconfig | 21 +++++++++++++++++++++ 3 files changed, 53 insertions(+) diff --git a/include/linux/mm.h b/include/linux/mm.h index 7b1068ddcbb7..8b800941678d 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -4155,4 +4155,14 @@ int arch_get_shadow_stack_status(struct task_struct *t, unsigned long __user *st int arch_set_shadow_stack_status(struct task_struct *t, unsigned long status); int arch_lock_shadow_stack_status(struct task_struct *t, unsigned long status); + +/* + * mseal of userspace process's system mappings. + */ +#ifdef CONFIG_MSEAL_SYSTEM_MAPPINGS +#define VM_SEALED_SYSMAP VM_SEALED +#else +#define VM_SEALED_SYSMAP VM_NONE +#endif + #endif /* _LINUX_MM_H */ diff --git a/init/Kconfig b/init/Kconfig index d0d021b3fa3b..c90dd8778993 100644 --- a/init/Kconfig +++ b/init/Kconfig 
@@ -1882,6 +1882,28 @@ config ARCH_HAS_MEMBARRIER_CALLBACKS config ARCH_HAS_MEMBARRIER_SYNC_CORE bool +config ARCH_SUPPORTS_MSEAL_SYSTEM_MAPPINGS + bool + help + Control MSEAL_SYSTEM_MAPPINGS access based on architecture. + + A 64-bit kernel is required for the memory sealing feature. + No specific hardware features from the CPU are needed. + + To enable this feature, the architecture needs to update their + special mappings calls to include the sealing flag and confirm + that it doesn't unmap/remap system mappings during the life + time of the process. The existence of this flag for an architecture + implies that it does not require the remapping of thest system + mappings during process lifetime, so sealing these mappings is safe + from a kernel perspective. + + After the architecture enables this, a distribution can set + CONFIG_MSEAL_SYSTEM_MAPPING to manage access to the feature. + + For complete descriptions of memory sealing, please see + Documentation/userspace-api/mseal.rst + config HAVE_PERF_EVENTS bool help diff --git a/security/Kconfig b/security/Kconfig index f10dbf15c294..5311f4a6786c 100644 --- a/security/Kconfig +++ b/security/Kconfig 
@@ -51,6 +51,27 @@ config PROC_MEM_NO_FORCE endchoice +config MSEAL_SYSTEM_MAPPINGS + bool "mseal system mappings" + depends on 64BIT + depends on ARCH_SUPPORTS_MSEAL_SYSTEM_MAPPINGS + depends on !CHECKPOINT_RESTORE + help + Apply mseal on system mappings. + The system mappings includes vdso, vvar, vvar_vclock, + vectors (arm compact-mode), sigpage (arm compact-mode), uprobes. + + A 64-bit kernel is required for the memory sealing feature. + No specific hardware features from the CPU are needed. + + WARNING: This feature breaks programs which rely on relocating + or unmapping system mappings. Known broken software at the time + of writing includes CHECKPOINT_RESTORE, UML, gVisor, rr. Therefore + this config can't be enabled universally. + + For complete descriptions of memory sealing, please see + Documentation/userspace-api/mseal.rst + config SECURITY bool "Enable different security models" depends on SYSFS
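Review bot: In [PATCH v8 1/7], include/linux/mm.h, the comment above VM_SEALED_SYSMAP ("mseal of userspace process's system mappings.") does not say how the macro is meant to be used. A sentence stating that it evaluates to VM_NONE when CONFIG_MSEAL_SYSTEM_MAPPINGS is off, so that architecture code can OR it into the mapping flags without its own #ifdef, would document the contract the later patches in the series rely on.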
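Review bot: In [PATCH v8 1/7], init/Kconfig, the help text of ARCH_SUPPORTS_MSEAL_SYSTEM_MAPPINGS refers to "CONFIG_MSEAL_SYSTEM_MAPPING", but the symbol added in security/Kconfig is MSEAL_SYSTEM_MAPPINGS (plural); the reference should match the real name so a search for the option finds it. In the same help text "thest system mappings" should read "these system mappings" and "life time" is normally written "lifetime". The opening line, "Control MSEAL_SYSTEM_MAPPINGS access based on architecture.", would be clearer if it said directly that an architecture selects this symbol once it has confirmed it never unmaps or remaps its system mappings.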
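Review bot: In [PATCH v8 1/7], security/Kconfig, the WARNING names CHECKPOINT_RESTORE, UML, gVisor and rr as known broken, but only CHECKPOINT_RESTORE is excluded through "depends on !CHECKPOINT_RESTORE"; for the other three the help text is the only protection, and nothing in this hunk describes how they fail or whether there is any opt-out at run time. Please add a sentence on what a program that relocates or unmaps these mappings will observe once the option is on, or point to the section of Documentation/userspace-api/mseal.rst that does. Two wording points in the same help text: "arm compact-mode" appears twice and looks like it should be "compat mode", and "The system mappings includes" should be "include".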
From: jeffxu@chromium.org
Subject: [PATCH v8 2/7] selftests: x86: test_mremap_vdso: skip if vdso is msealed
Date: Mon, 3 Mar 2025 05:09:16 +0000
Message-ID: <20250303050921.3033083-3-jeffxu@google.com>
In-Reply-To: <20250303050921.3033083-1-jeffxu@google.com>
References: <20250303050921.3033083-1-jeffxu@google.com>
From: Jeff Xu

Add code to detect if the vdso is memory sealed, skip the test if it is.

Signed-off-by: Jeff Xu
Reviewed-by: Kees Cook
Reviewed-by: Lorenzo Stoakes
Reviewed-by: Liam R. Howlett
--- .../testing/selftests/x86/test_mremap_vdso.c | 43 +++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/tools/testing/selftests/x86/test_mremap_vdso.c b/tools/testing/selftests/x86/test_mremap_vdso.c index d53959e03593..94bee6e0c813 100644 --- a/tools/testing/selftests/x86/test_mremap_vdso.c +++ b/tools/testing/selftests/x86/test_mremap_vdso.c @@ -14,6 +14,7 @@ #include #include #include +#include #include #include 
@@ -55,13 +56,55 @@ static int try_to_remap(void *vdso_addr, unsigned long size) } +#define VDSO_NAME "[vdso]" +#define VMFLAGS "VmFlags:" +#define MSEAL_FLAGS "sl" +#define MAX_LINE_LEN 512 + +bool vdso_sealed(FILE *maps) +{ + char line[MAX_LINE_LEN]; + bool has_vdso = false; + + while (fgets(line, sizeof(line), maps)) { + if (strstr(line, VDSO_NAME)) + has_vdso = true; + + if (has_vdso && !strncmp(line, VMFLAGS, strlen(VMFLAGS))) { + if (strstr(line, MSEAL_FLAGS)) + return true; + + return false; + } + } + + return false; +} + int main(int argc, char **argv, char **envp) { pid_t child; + FILE *maps; ksft_print_header(); ksft_set_plan(1); + maps = fopen("/proc/self/smaps", "r"); + if (!maps) { + ksft_test_result_skip( + "Could not open /proc/self/smaps, errno=%d\n", + errno); + + return 0; + } + + if (vdso_sealed(maps)) { + ksft_test_result_skip("vdso is sealed\n"); + return 0; + } + + fclose(maps); + child = fork(); if (child == -1) ksft_exit_fail_msg("failed to fork (%d): %m\n", errno);
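Review bot: In [PATCH v8 2/7], main() of test_mremap_vdso.c, the sealed path returns without closing the stream: fclose(maps) is reached only when vdso_sealed(maps) is false, so "ksft_test_result_skip("vdso is sealed\n"); return 0;" leaves maps open. Store the result in a local, call fclose(maps), then test it. In vdso_sealed(), strstr(line, MSEAL_FLAGS) searches the whole VmFlags line for the substring "sl"; matching against the space-separated two-letter tokens would make the check exact and keep it correct if the line format ever gains other text. The helper could also be declared static, like try_to_remap() directly above it.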
From: jeffxu@chromium.org
Subject: [PATCH v8 3/7] mseal sysmap: enable x86-64
Date: Mon, 3 Mar 2025 05:09:17 +0000
Message-ID: <20250303050921.3033083-4-jeffxu@google.com>
In-Reply-To: <20250303050921.3033083-1-jeffxu@google.com>
References: <20250303050921.3033083-1-jeffxu@google.com>
From: Jeff Xu

Provide support for CONFIG_MSEAL_SYSTEM_MAPPINGS on x86-64, covering the vdso, vvar, vvar_vclock. Production release testing passes on Android and Chrome OS.

Signed-off-by: Jeff Xu
Reviewed-by: Lorenzo Stoakes
Reviewed-by: Liam R. Howlett
Reviewed-by: Kees Cook
--- arch/x86/Kconfig | 1 + arch/x86/entry/vdso/vma.c | 7 ++++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index be2c311f5118..c6f9ebcbe009 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -26,6 +26,7 @@ config X86_64 depends on 64BIT # Options that are inherently 64-bit kernel only: select ARCH_HAS_GIGANTIC_PAGE + select ARCH_SUPPORTS_MSEAL_SYSTEM_MAPPINGS select ARCH_SUPPORTS_INT128 if CC_HAS_INT128 select ARCH_SUPPORTS_PER_VMA_LOCK select ARCH_SUPPORTS_HUGE_PFNMAP if TRANSPARENT_HUGEPAGE diff --git a/arch/x86/entry/vdso/vma.c b/arch/x86/entry/vdso/vma.c index 39e6efc1a9ca..a4f312495de1 100644 --- a/arch/x86/entry/vdso/vma.c +++ b/arch/x86/entry/vdso/vma.c @@ -268,7 +268,8 @@ static int map_vdso(const struct vdso_image *image, unsigned long addr) text_start, image->size, VM_READ|VM_EXEC| - VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC, + VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC| + VM_SEALED_SYSMAP, &vdso_mapping); if (IS_ERR(vma)) { 
@@ -280,7 +281,7 @@ static int map_vdso(const struct vdso_image *image, unsigned long addr) addr, (__VVAR_PAGES - VDSO_NR_VCLOCK_PAGES) * PAGE_SIZE, VM_READ|VM_MAYREAD|VM_IO|VM_DONTDUMP| - VM_PFNMAP, + VM_PFNMAP|VM_SEALED_SYSMAP, &vvar_mapping); if (IS_ERR(vma)) { 
@@ -293,7 +294,7 @@ static int map_vdso(const struct vdso_image *image, unsigned long addr) addr + (__VVAR_PAGES - VDSO_NR_VCLOCK_PAGES) * PAGE_SIZE, VDSO_NR_VCLOCK_PAGES * PAGE_SIZE, VM_READ|VM_MAYREAD|VM_IO|VM_DONTDUMP| - VM_PFNMAP, + VM_PFNMAP|VM_SEALED_SYSMAP, &vvar_vclock_mapping); if (IS_ERR(vma)) {
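Review bot: In [PATCH v8 3/7], arch/x86/entry/vdso/vma.c, the error handling after the vvar and vvar_vclock mappings needs a second look now that earlier mappings are sealed at creation. The vdso text mapping is installed with VM_SEALED_SYSMAP first, and each later mapping is followed by an "if (IS_ERR(vma)) {" branch whose body lies outside the hunk context. If those branches undo the mappings already installed by unmapping them, please confirm that the cleanup still succeeds on a VMA that carries the sealed flag, and record the answer in the commit message or in a comment in map_vdso().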
From: jeffxu@chromium.org
To: akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, torvalds@linux-foundation.org, vbabka@suse.cz, lorenzo.stoakes@oracle.com, Liam.Howlett@Oracle.com, adhemerval.zanella@linaro.org, oleg@redhat.com, avagin@gmail.com, benjamin@sipsolutions.net
Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, linux-kselftest@vger.kernel.org, jorgelo@chromium.org, sroettger@google.com, hch@lst.de, ojeda@kernel.org, thomas.weissschuh@linutronix.de, adobriyan@gmail.com, johannes@sipsolutions.net, pedro.falcato@gmail.com, hca@linux.ibm.com, willy@infradead.org, anna-maria@linutronix.de, mark.rutland@arm.com, linus.walleij@linaro.org, Jason@zx2c4.com, deller@gmx.de, rdunlap@infradead.org, davem@davemloft.net, peterx@redhat.com, f.fainelli@gmail.com, gerg@kernel.org, dave.hansen@linux.intel.com, mingo@kernel.org, ardb@kernel.org, mhocko@suse.com, 42.hyeyoo@gmail.com, peterz@infradead.org, ardb@google.com, enh@google.com, rientjes@google.com, groeck@chromium.org, mpe@ellerman.id.au, aleksandr.mikhalitsyn@canonical.com, mike.rapoport@gmail.com, Jeff Xu
Subject: [PATCH v8 4/7] mseal sysmap: enable arm64
Date: Mon, 3 Mar 2025 05:09:18 +0000
Message-ID: <20250303050921.3033083-5-jeffxu@google.com>
In-Reply-To: <20250303050921.3033083-1-jeffxu@google.com>
References: <20250303050921.3033083-1-jeffxu@google.com>

From: Jeff Xu

Provide support for CONFIG_MSEAL_SYSTEM_MAPPINGS on arm64, covering the vdso, vvar, and compat-mode vectors and sigpage mappings.

Production release testing passes on Android and Chrome OS.

Signed-off-by: Jeff Xu
Reviewed-by: Lorenzo Stoakes
Reviewed-by: Liam R. Howlett
Reviewed-by: Kees Cook
---
 arch/arm64/Kconfig | 1 +
 arch/arm64/kernel/vdso.c | 12 ++++++++----
 2 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index 940343beb3d4..282d6cb13cfb 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -38,6 +38,7 @@ config ARM64 select ARCH_HAS_KEEPINITRD select ARCH_HAS_MEMBARRIER_SYNC_CORE select ARCH_HAS_MEM_ENCRYPT + select ARCH_SUPPORTS_MSEAL_SYSTEM_MAPPINGS select ARCH_HAS_NMI_SAFE_THIS_CPU_OPS select ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE select ARCH_HAS_NONLEAF_PMD_YOUNG if ARM64_HAFT diff --git a/arch/arm64/kernel/vdso.c b/arch/arm64/kernel/vdso.c index e8ed8e5b713b..69d2b5ceb092 100644 --- a/arch/arm64/kernel/vdso.c +++ b/arch/arm64/kernel/vdso.c @@ -198,7 +198,8 @@ static int __setup_additional_pages(enum vdso_abi abi, } ret = _install_special_mapping(mm, vdso_base, VVAR_NR_PAGES * PAGE_SIZE, - VM_READ|VM_MAYREAD|VM_PFNMAP, + VM_READ|VM_MAYREAD|VM_PFNMAP| + VM_SEALED_SYSMAP, &vvar_map); if (IS_ERR(ret)) goto up_fail; @@ -210,7 +211,8 @@ static int __setup_additional_pages(enum vdso_abi abi, mm->context.vdso = (void *)vdso_base; ret = _install_special_mapping(mm, vdso_base, vdso_text_len, VM_READ|VM_EXEC|gp_flags| - VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC, + VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC| + VM_SEALED_SYSMAP, vdso_info[abi].cm); if (IS_ERR(ret)) goto up_fail; @@ -336,7 +338,8 @@ static int aarch32_kuser_helpers_setup(struct mm_struct *mm) */ ret = _install_special_mapping(mm, AARCH32_VECTORS_BASE, PAGE_SIZE, VM_READ | VM_EXEC | - VM_MAYREAD | VM_MAYEXEC, + VM_MAYREAD | VM_MAYEXEC | + VM_SEALED_SYSMAP, &aarch32_vdso_maps[AA32_MAP_VECTORS]); return PTR_ERR_OR_ZERO(ret); 
@@ -359,7 +362,8 @@ static int aarch32_sigreturn_setup(struct mm_struct *mm) */ ret = _install_special_mapping(mm, addr, PAGE_SIZE, VM_READ | VM_EXEC | VM_MAYREAD | - VM_MAYWRITE | VM_MAYEXEC, + VM_MAYWRITE | VM_MAYEXEC | + VM_SEALED_SYSMAP, &aarch32_vdso_maps[AA32_MAP_SIGPAGE]); if (IS_ERR(ret)) goto out;
From patchwork Mon Mar 3 05:09:19 2025
X-Patchwork-Submitter: Jeff Xu
X-Patchwork-Id: 13998193
From: jeffxu@chromium.org
Subject: [PATCH v8 5/7] mseal sysmap: uprobe mapping
Date: Mon, 3 Mar 2025 05:09:19 +0000
Message-ID: <20250303050921.3033083-6-jeffxu@google.com>
In-Reply-To: <20250303050921.3033083-1-jeffxu@google.com>
References: <20250303050921.3033083-1-jeffxu@google.com>

From: Jeff Xu

Provide support to mseal the uprobe mapping.

Unlike other system mappings, the uprobe mapping is not established during program startup. However, its lifetime is the same as the process's lifetime. It could be sealed from creation.

Testing was done with the perf tool, and the uprobe mapping was observed to be sealed.

Signed-off-by: Jeff Xu
Reviewed-by: Oleg Nesterov
Reviewed-by: Lorenzo Stoakes
Reviewed-by: Liam R. Howlett
Reviewed-by: Kees Cook
---
 kernel/events/uprobes.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c index bf2a87a0a378..98632bc47216 100644 --- a/kernel/events/uprobes.c +++ b/kernel/events/uprobes.c
@@ -1683,7 +1683,8 @@ static int xol_add_vma(struct mm_struct *mm, struct xol_area *area) } vma = _install_special_mapping(mm, area->vaddr, PAGE_SIZE, - VM_EXEC|VM_MAYEXEC|VM_DONTCOPY|VM_IO, + VM_EXEC|VM_MAYEXEC|VM_DONTCOPY|VM_IO| + VM_SEALED_SYSMAP, &xol_mapping); if (IS_ERR(vma)) { ret = PTR_ERR(vma);
From patchwork Mon Mar 3 05:09:20 2025
X-Patchwork-Submitter: Jeff Xu
X-Patchwork-Id: 13998194
From: jeffxu@chromium.org
Subject: [PATCH v8 6/7] mseal sysmap: update mseal.rst
Date: Mon, 3 Mar 2025 05:09:20 +0000
Message-ID: <20250303050921.3033083-7-jeffxu@google.com>
In-Reply-To: <20250303050921.3033083-1-jeffxu@google.com>
References: <20250303050921.3033083-1-jeffxu@google.com>

From: Jeff Xu

Update memory sealing documentation to include details about system mappings.

Signed-off-by: Jeff Xu
Reviewed-by: Kees Cook
Reviewed-by: Lorenzo Stoakes
Reviewed-by: Liam R. Howlett
---
 Documentation/userspace-api/mseal.rst | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
diff --git a/Documentation/userspace-api/mseal.rst b/Documentation/userspace-api/mseal.rst index 41102f74c5e2..76e10938302a 100644 --- a/Documentation/userspace-api/mseal.rst +++ b/Documentation/userspace-api/mseal.rst
@@ -130,6 +130,26 @@ Use cases - Chrome browser: protect some security sensitive data structures. +- System mappings: + The system mappings are created by the kernel and includes vdso, vvar, + vvar_vclock, vectors (arm compact-mode), sigpage (arm compact-mode), uprobes. + + Those system mappings are readonly only or execute only, memory sealing can + protect them from ever changing to writable or unmmap/remapped as different + attributes. This is useful to mitigate memory corruption issues where a + corrupted pointer is passed to a memory management system. + + If supported by an architecture (CONFIG_ARCH_SUPPORTS_MSEAL_SYSTEM_MAPPINGS), + the CONFIG_MSEAL_SYSTEM_MAPPINGS seals all system mappings of this + architecture. + + The following architectures currently support this feature: x86-64 and arm64. + + WARNING: This feature breaks programs which rely on relocating + or unmapping system mappings. Known broken software at the time + of writing includes CHECKPOINT_RESTORE, UML, gVisor, rr. Therefore + this config can't be enabled universally. 
+ When not to use mseal ===================== Applications can apply sealing to any virtual memory region from userspace,
From patchwork Mon Mar 3 05:09:21 2025
X-Patchwork-Submitter: Jeff Xu
X-Patchwork-Id: 13998195
From: jeffxu@chromium.org
Subject: [PATCH v8 7/7] selftest: test system mappings are sealed.
Date: Mon, 3 Mar 2025 05:09:21 +0000
Message-ID: <20250303050921.3033083-8-jeffxu@google.com>
In-Reply-To: <20250303050921.3033083-1-jeffxu@google.com>
References: <20250303050921.3033083-1-jeffxu@google.com>

From: Jeff Xu

Add sysmap_is_sealed.c to test that system mappings are sealed.

Note: CONFIG_MSEAL_SYSTEM_MAPPINGS must be set, as indicated in the config file.

Signed-off-by: Jeff Xu
Reviewed-by: Lorenzo Stoakes
---
 .../mseal_system_mappings/.gitignore | 2 +
 .../selftests/mseal_system_mappings/Makefile | 6 +
 .../selftests/mseal_system_mappings/config | 1 +
 .../mseal_system_mappings/sysmap_is_sealed.c | 113 ++++++++++++++++++
 4 files changed, 122 insertions(+)
 create mode 100644 tools/testing/selftests/mseal_system_mappings/.gitignore
 create mode 100644 tools/testing/selftests/mseal_system_mappings/Makefile
 create mode 100644 tools/testing/selftests/mseal_system_mappings/config
 create mode 100644 tools/testing/selftests/mseal_system_mappings/sysmap_is_sealed.c
diff --git a/tools/testing/selftests/mseal_system_mappings/.gitignore b/tools/testing/selftests/mseal_system_mappings/.gitignore new file mode 100644 index 000000000000..319c497a595e --- /dev/null +++ b/tools/testing/selftests/mseal_system_mappings/.gitignore @@ -0,0 +1,2 @@ +# SPDX-License-Identifier: GPL-2.0-only +sysmap_is_sealed diff --git a/tools/testing/selftests/mseal_system_mappings/Makefile b/tools/testing/selftests/mseal_system_mappings/Makefile new file mode 100644 index 000000000000..2b4504e2f52f --- /dev/null +++ b/tools/testing/selftests/mseal_system_mappings/Makefile @@ -0,0 +1,6 @@ +# SPDX-License-Identifier: GPL-2.0-only +CFLAGS += -std=c99 -pthread -Wall $(KHDR_INCLUDES) + +TEST_GEN_PROGS := sysmap_is_sealed + +include ../lib.mk diff --git a/tools/testing/selftests/mseal_system_mappings/config b/tools/testing/selftests/mseal_system_mappings/config new file mode 100644 index 000000000000..675cb9f37b86 --- /dev/null +++ b/tools/testing/selftests/mseal_system_mappings/config @@ -0,0 +1 @@ +CONFIG_MSEAL_SYSTEM_MAPPINGS=y diff --git a/tools/testing/selftests/mseal_system_mappings/sysmap_is_sealed.c b/tools/testing/selftests/mseal_system_mappings/sysmap_is_sealed.c new file mode 100644 index 000000000000..c1e93794a58b --- /dev/null +++ b/tools/testing/selftests/mseal_system_mappings/sysmap_is_sealed.c 
@@ -0,0 +1,113 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * test system mappings are sealed when + * KCONFIG_MSEAL_SYSTEM_MAPPINGS=y + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include + +#include "../kselftest.h" +#include "../kselftest_harness.h" + +#define VDSO_NAME "[vdso]" +#define VVAR_NAME "[vvar]" +#define VVAR_VCLOCK_NAME "[vvar_vclock]" +#define UPROBES_NAME "[uprobes]" +#define SIGPAGE_NAME "[sigpage]" +#define VECTORS_NAME "[vectors]" + +#define VMFLAGS "VmFlags:" +#define MSEAL_FLAGS "sl" +#define MAX_LINE_LEN 512 + +bool has_mapping(char *name, FILE *maps) +{ + char line[MAX_LINE_LEN]; + + while (fgets(line, sizeof(line), maps)) { + if (strstr(line, name)) + return true; + } + + return false; +} + +bool mapping_is_sealed(char *name, FILE *maps) +{ + char line[MAX_LINE_LEN]; + + while (fgets(line, sizeof(line), maps)) { + if (!strncmp(line, VMFLAGS, strlen(VMFLAGS))) { + if (strstr(line, MSEAL_FLAGS)) + return true; + + return false; + } + } + + return false; +} + +FIXTURE(basic) { + FILE *maps; +}; + +FIXTURE_SETUP(basic) +{ + self->maps = fopen("/proc/self/smaps", "r"); + if (!self->maps) + SKIP(return, "Could not open /proc/self/smap, errno=%d", + errno); +}; + +FIXTURE_TEARDOWN(basic) +{ + if (self->maps) + fclose(self->maps); +}; + +FIXTURE_VARIANT(basic) +{ + char *name; +}; + +FIXTURE_VARIANT_ADD(basic, vdso) { + .name = VDSO_NAME, +}; + +FIXTURE_VARIANT_ADD(basic, vvar) { + .name = VVAR_NAME, +}; + +FIXTURE_VARIANT_ADD(basic, vvar_vclock) { + .name = VVAR_VCLOCK_NAME, +}; + +FIXTURE_VARIANT_ADD(basic, sigpage) { + .name = SIGPAGE_NAME, +}; + +FIXTURE_VARIANT_ADD(basic, vectors) { + .name = VECTORS_NAME, +}; + +FIXTURE_VARIANT_ADD(basic, uprobes) { + .name = UPROBES_NAME, +}; + +TEST_F(basic, is_sealed) +{ + if (!has_mapping(variant->name, self->maps)) { + SKIP(return, "could not found the mapping, %s", + variant->name); + } + + EXPECT_TRUE(mapping_is_sealed(variant->name, self->maps)); +}; + +TEST_HARNESS_MAIN
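
Review bot: in sysmap_is_sealed.c, mapping_is_sealed() never uses its name argument; it reports on the first "VmFlags:" line found after wherever has_mapping() left the shared FILE position, so the test is only correct because TEST_F calls the two helpers back to back on the same stream. That coupling is implicit, and a later change that rewinds or reopens self->maps between the calls would check a different mapping's flags without any failure in the helper itself. Consider folding both steps into one helper that finds the named entry and then reads that entry's VmFlags line, or drop the unused parameter and add a comment stating the required call order. Smaller points in the same file: the header comment names KCONFIG_MSEAL_SYSTEM_MAPPINGS while the config file sets CONFIG_MSEAL_SYSTEM_MAPPINGS; the fopen SKIP message says "/proc/self/smap" although the path opened is "/proc/self/smaps"; "could not found the mapping" should read "could not find"; and the trailing semicolons after the FIXTURE_SETUP, FIXTURE_TEARDOWN and TEST_F bodies are stray.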
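
Review bot: in the Makefile hunk, CFLAGS adds -pthread, but nothing visible in sysmap_is_sealed.c creates or joins threads; the test only reads /proc/self/smaps from a single context. Drop the flag unless one of the included headers needs it, so the build line reflects what the test actually depends on.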