On Mon, Feb 24, 2025 at 12:13 PM Liam R. Howlett
wrote:
>
> * Jeff Xu [250224 14:42]:
> > On Mon, Feb 24, 2025 at 11:25 AM Kees Cook wrote:
> > >
> > > On Mon, Feb 24, 2025 at 11:10:22AM -0800, Jeff Xu wrote:
> > > > On Mon, Feb 24, 2025 at 11:03 AM Liam R. Howlett
> > > > wrote:
> > > > >
> >
* Jeff Xu [250224 14:40]:
> On Mon, Feb 24, 2025 at 11:18 AM Liam R. Howlett
> wrote:
> >
> > Also, do we need something like the above test for VM_SEALED_SYS?
> >
> Do you mean adding selftest for sealing vdso ? or test the
> VM_SEALED_SYS macro in 32 bit vs 64 bits ?
>
> CONFIG_MSEAL_SYSTEM_MA
* Jeff Xu [250224 14:42]:
> On Mon, Feb 24, 2025 at 11:25 AM Kees Cook wrote:
> >
> > On Mon, Feb 24, 2025 at 11:10:22AM -0800, Jeff Xu wrote:
> > > On Mon, Feb 24, 2025 at 11:03 AM Liam R. Howlett
> > > wrote:
> > > >
> > > > * Jeff Xu [250224 13:44]:
> > > > > On Mon, Feb 24, 2025 at 10:21 AM
On Mon, Feb 24, 2025 at 11:18 AM Liam R. Howlett
wrote:
>
> Also, do we need something like the above test for VM_SEALED_SYS?
>
Do you mean adding selftest for sealing vdso ? or test the
VM_SEALED_SYS macro in 32 bit vs 64 bits ?
CONFIG_MSEAL_SYSTEM_MAPPINGS is by default disabled. I'm not sure
a
On Mon, Feb 24, 2025 at 11:25 AM Kees Cook wrote:
>
> On Mon, Feb 24, 2025 at 11:10:22AM -0800, Jeff Xu wrote:
> > On Mon, Feb 24, 2025 at 11:03 AM Liam R. Howlett
> > wrote:
> > >
> > > * Jeff Xu [250224 13:44]:
> > > > On Mon, Feb 24, 2025 at 10:21 AM Dave Hansen
> > > > wrote:
> > > > >
> >
On Mon, Feb 24, 2025 at 11:32 AM Liam R. Howlett
wrote:
>
> * Jeff Xu [250224 14:23]:
> > On Mon, Feb 24, 2025 at 11:11 AM Liam R. Howlett
> > wrote:
> > >
> > > * Kees Cook [250224 13:55]:
> > > > On Mon, Feb 24, 2025 at 10:52:13AM -0800, Dave Hansen wrote:
> > > > > On 2/24/25 10:44, Jeff Xu
On Mon, Feb 24, 2025 at 11:26 AM Kees Cook wrote:
>
> On Mon, Feb 24, 2025 at 02:10:58PM -0500, Liam R. Howlett wrote:
> > * Kees Cook [250224 13:55]:
> > > On Mon, Feb 24, 2025 at 10:52:13AM -0800, Dave Hansen wrote:
> > > > On 2/24/25 10:44, Jeff Xu wrote:
> > > > > For example:
> > > > > Consi
* Jeff Xu [250224 14:23]:
> On Mon, Feb 24, 2025 at 11:11 AM Liam R. Howlett
> wrote:
> >
> > * Kees Cook [250224 13:55]:
> > > On Mon, Feb 24, 2025 at 10:52:13AM -0800, Dave Hansen wrote:
> > > > On 2/24/25 10:44, Jeff Xu wrote:
> > > > > For example:
> > > > > Consider the case below in
> > >
On Mon, Feb 24, 2025 at 02:10:58PM -0500, Liam R. Howlett wrote:
> * Kees Cook [250224 13:55]:
> > On Mon, Feb 24, 2025 at 10:52:13AM -0800, Dave Hansen wrote:
> > > On 2/24/25 10:44, Jeff Xu wrote:
> > > > For example:
> > > > Consider the case below in
> > > > src/third_party/kernel/v6.6/fs/pro
On Mon, Feb 24, 2025 at 11:10:22AM -0800, Jeff Xu wrote:
> On Mon, Feb 24, 2025 at 11:03 AM Liam R. Howlett
> wrote:
> >
> > * Jeff Xu [250224 13:44]:
> > > On Mon, Feb 24, 2025 at 10:21 AM Dave Hansen
> > > wrote:
> > > >
> > > > On 2/24/25 09:45, jef...@chromium.org wrote:
> > > > > +/*
> > >
On Mon, Feb 24, 2025 at 11:11 AM Liam R. Howlett
wrote:
>
> * Kees Cook [250224 13:55]:
> > On Mon, Feb 24, 2025 at 10:52:13AM -0800, Dave Hansen wrote:
> > > On 2/24/25 10:44, Jeff Xu wrote:
> > > > For example:
> > > > Consider the case below in
> > > > src/third_party/kernel/v6.6/fs/proc/task
* Jeff Xu [250224 14:07]:
...
> > >
> > > #ifdef CONFIG_64BIT
> > > [ilog2(VM_SEALED)] = "sl",
> > > #endif
> > >
> > > Redefining VM_SEALED to VM_NONE for 32 bit won't detect the problem
> > > in case that "#ifdef CONFIG_64BIT" line is missing.
> >
> > I don't think it is reasonable to insist
* Kees Cook [250224 13:55]:
> On Mon, Feb 24, 2025 at 10:52:13AM -0800, Dave Hansen wrote:
> > On 2/24/25 10:44, Jeff Xu wrote:
> > > For example:
> > > Consider the case below in src/third_party/kernel/v6.6/fs/proc/task_mmu.c,
> > >
> > > #ifdef CONFIG_64BIT
> > > [ilog2(VM_SEALED)] = "sl",
> >
On Mon, Feb 24, 2025 at 11:03 AM Liam R. Howlett
wrote:
>
> * Jeff Xu [250224 13:44]:
> > On Mon, Feb 24, 2025 at 10:21 AM Dave Hansen wrote:
> > >
> > > On 2/24/25 09:45, jef...@chromium.org wrote:
> > > > +/*
> > > > + * mseal of userspace process's system mappings.
> > > > + */
> > > > +#ifde
* Jeff Xu [250224 13:44]:
> On Mon, Feb 24, 2025 at 10:21 AM Dave Hansen wrote:
> >
> > On 2/24/25 09:45, jef...@chromium.org wrote:
> > > +/*
> > > + * mseal of userspace process's system mappings.
> > > + */
> > > +#ifdef CONFIG_MSEAL_SYSTEM_MAPPINGS
> > > +#define MSEAL_SYSTEM_MAPPINGS_VM_FLAG
On 2/24/25 10:55, Kees Cook wrote:
>> That logic is reasonable. But it's different from the _vast_ majority of
>> other flags.
>>
>> So what justifies VM_SEALED being so different? It's leading to pretty
>> objectively ugly code in this series.
> Note that VM_SEALED is the "is this VMA sealed?" bit
On Mon, Feb 24, 2025 at 10:55 AM Kees Cook wrote:
>
> On Mon, Feb 24, 2025 at 10:52:13AM -0800, Dave Hansen wrote:
> > On 2/24/25 10:44, Jeff Xu wrote:
> > > For example:
> > > Consider the case below in src/third_party/kernel/v6.6/fs/proc/task_mmu.c,
> > >
> > > #ifdef CONFIG_64BIT
> > > [ilog2(V
On Mon, Feb 24, 2025 at 10:52:13AM -0800, Dave Hansen wrote:
> On 2/24/25 10:44, Jeff Xu wrote:
> > For example:
> > Consider the case below in src/third_party/kernel/v6.6/fs/proc/task_mmu.c,
> >
> > #ifdef CONFIG_64BIT
> > [ilog2(VM_SEALED)] = "sl",
> > #endif
> >
> > Redefining VM_SEALED to VM
On 2/24/25 10:44, Jeff Xu wrote:
> For example:
> Consider the case below in src/third_party/kernel/v6.6/fs/proc/task_mmu.c,
>
> #ifdef CONFIG_64BIT
> [ilog2(VM_SEALED)] = "sl",
> #endif
>
> Redefining VM_SEALED to VM_NONE for 32 bit won't detect the problem
> in case that "#ifdef CONFIG_64BIT"
On Mon, Feb 24, 2025 at 10:21 AM Dave Hansen wrote:
>
> On 2/24/25 09:45, jef...@chromium.org wrote:
> > +/*
> > + * mseal of userspace process's system mappings.
> > + */
> > +#ifdef CONFIG_MSEAL_SYSTEM_MAPPINGS
> > +#define MSEAL_SYSTEM_MAPPINGS_VM_FLAGVM_SEALED
> > +#else
> > +#define M
On 2/24/25 09:45, jef...@chromium.org wrote:
> +/*
> + * mseal of userspace process's system mappings.
> + */
> +#ifdef CONFIG_MSEAL_SYSTEM_MAPPINGS
> +#define MSEAL_SYSTEM_MAPPINGS_VM_FLAGVM_SEALED
> +#else
> +#define MSEAL_SYSTEM_MAPPINGS_VM_FLAGVM_NONE
> +#endif
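Review bot: the block comment above the #ifdef should state why the #else branch exists and what the VM_SEALED branch depends on. With CONFIG_MSEAL_SYSTEM_MAPPINGS off the macro expands to VM_NONE, which only makes sense if the later users of MSEAL_SYSTEM_MAPPINGS_VM_FLAG are meant to OR it into vm_flags without their own #ifdef; with it on, the macro is VM_SEALED, which elsewhere in this thread is shown to be defined only under CONFIG_64BIT ("#ifdef CONFIG_64BIT / [ilog2(VM_SEALED)] = "sl" / #endif"). A single comment line such as `/* VM_NONE when disabled so callers need no #ifdef; VM_SEALED requires CONFIG_64BIT */` would record both facts where a reader of this header will look for them.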
This ends up loo
From: Jeff Xu
Provide infrastructure to mseal system mappings. Establish
two kernel configs (CONFIG_MSEAL_SYSTEM_MAPPINGS,
ARCH_HAS_MSEAL_SYSTEM_MAPPINGS) and MSEAL_SYSTEM_MAPPINGS_VM_FLAG
macro for future patches.
As discussed during mseal() upstream process [1], mseal() protects
the VMAs of a