Hi Liam On Wed, Oct 16, 2024 at 7:03 PM Liam R. Howlett <liam.howl...@oracle.com> wrote: > > * Jeff Xu <jef...@chromium.org> [241016 20:59]: > > On Wed, Oct 16, 2024 at 4:18 PM Liam R. Howlett <liam.howl...@oracle.com> > > wrote: > > > > > > * jef...@chromium.org <jef...@chromium.org> [241014 17:50]: > > > > From: Jeff Xu <jef...@chromium.org> > > > > > > > > Seal vdso, vvar, sigpage, uprobes and vsyscall. > > > > > > > > Those mappings are readonly or executable only, sealing can protect > > > > them from ever changing during the life time of the process. For > > > > complete descriptions of memory sealing, please see mseal.rst [1]. > > > > I will mention unmap in the above sentence.
> > > > System mappings such as vdso, vvar, and sigpage (for arm) are > > > > generated by the kernel during program initialization. These mappings > > > > are designated as non-writable, and sealing them will prevent them > > > > from ever becoming writeable. > > > ^ or ever removed. > > > This section is about the mappings (vdso, etc) created during program initialization vs later time as uprobe, I will revise to make it clearer to the reader. Thanks -Jeff
